Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-47193 (GCVE-0-2021-47193)
Vulnerability from cvelistv5
Published
2024-04-10 18:56
Modified
2025-05-04 07:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: pm80xx: Fix memory leak during rmmod
Driver failed to release all memory allocated. This would lead to memory
leak during driver removal.
Properly free memory when the module is removed.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-12T16:35:04.772224Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:14:16.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:32:07.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/pm8001/pm8001_init.c",
"drivers/scsi/pm8001/pm8001_sas.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "269a4311b15f68d24e816f43f123888f241ed13d",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "51e6ed83bb4ade7c360551fa4ae55c4eacea354b",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/pm8001/pm8001_init.c",
"drivers/scsi/pm8001/pm8001_sas.h"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Fix memory leak during rmmod\n\nDriver failed to release all memory allocated. This would lead to memory\nleak during driver removal.\n\nProperly free memory when the module is removed."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:06:07.567Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d"
},
{
"url": "https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b"
}
],
"title": "scsi: pm80xx: Fix memory leak during rmmod",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47193",
"datePublished": "2024-04-10T18:56:30.726Z",
"dateReserved": "2024-03-25T09:12:14.113Z",
"dateUpdated": "2025-05-04T07:06:07.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-47193\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-10T19:15:47.757\",\"lastModified\":\"2024-11-21T06:35:36.083\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: pm80xx: Fix memory leak during rmmod\\n\\nDriver failed to release all memory allocated. This would lead to memory\\nleak during driver removal.\\n\\nProperly free memory when the module is removed.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: scsi: pm80xx: se corrigi\u00f3 la p\u00e9rdida de memoria durante rmmod, el controlador no pudo liberar toda la memoria asignada. Esto puede provocar una p\u00e9rdida de memoria durante la eliminaci\u00f3n del controlador. Se debe liberar correctamente la memoria cuando se retire el m\u00f3dulo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.15.5\",\"matchCriteriaId\":\"B2845F69-264B-45BD-B7E7-D12B24338382\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:32:07.232Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-47193\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-12T16:35:04.772224Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:23.548Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"scsi: pm80xx: Fix memory leak during rmmod\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\", \"lessThan\": \"269a4311b15f68d24e816f43f123888f241ed13d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\", \"lessThan\": \"51e6ed83bb4ade7c360551fa4ae55c4eacea354b\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/scsi/pm8001/pm8001_init.c\", \"drivers/scsi/pm8001/pm8001_sas.h\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"5.15.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/scsi/pm8001/pm8001_init.c\", \"drivers/scsi/pm8001/pm8001_sas.h\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d\"}, {\"url\": \"https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: pm80xx: Fix memory leak during rmmod\\n\\nDriver failed to release all memory allocated. This would lead to memory\\nleak during driver removal.\\n\\nProperly free memory when the module is removed.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-12-19T07:37:10.052Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2021-47193\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-19T07:37:10.052Z\", \"dateReserved\": \"2024-03-25T09:12:14.113Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-04-10T18:56:30.726Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
suse-su-2024:2360-1
Vulnerability from csaf_suse
Published
2024-07-09 14:01
Modified
2024-07-09 14:01
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
- CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866).
- CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993).
- CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997).
- CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978).
- CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977).
- CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976).
- CVE-2021-47309: net: validate lwtstate->data before returning from skb_tunnel_info() (bsc#1224967).
- CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140)
- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
- CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306).
- CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337).
- CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232).
- CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261)
- CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372).
- CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).
- CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).
- CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)
- CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)
- CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).
- CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).
- CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).
- CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698)
- CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).
- CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).
- CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).
- CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).
- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
- CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577).
- CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).
- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (git-fixesbsc#1223641).
- CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177).
- CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).
- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660)
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36592: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1225898).
- CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
- CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).
- CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597)
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).
- CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735)
- CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).
- CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634.
- CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).
- CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
The following non-security bugs were fixed:
- Btrfs: bail out on error during replay_dir_deletes (git-fixes)
- Btrfs: clean up resources during umount after trans is aborted (git-fixes)
- Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes)
- Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes)
- Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes)
- Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)
- Fix compilation
- KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes).
- NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).
- NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791).
- PNFS for stateid errors retry against MDS first (bsc#1221791).
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
- USB: serial: option: add Quectel EG912Y module support (git-fixes).
- USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203).
- blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203).
- blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).
- bpf, scripts: Correct GPL license name (git-fixes).
- bsc#1225894: Fix build warning
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes)
- btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)
- btrfs: fix describe_relocation when printing unknown flags (git-fixes)
- btrfs: fix false EIO for missing device (git-fixes)
- btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes)
- btrfs: use correct compare function of dirty_metadata_bytes (git-fixes)
- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
- fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848).
- fs: make fiemap work from compat_ioctl (bsc#1225848).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203).
- mkspec-dtb: add toplevel symlinks also on arm
- net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them.
- scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).
- scsi: 53c700: Check that command slot is not NULL (git-fixes).
- scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
- scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (git-fixes).
- scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).
- scsi: core: Fix possible memory leak if device_add() fails (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).
- scsi: iscsi: Add length check for nlattr payload (git-fixes).
- scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes).
- scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: libsas: Introduce struct smp_disc_resp (git-fixes).
- scsi: lpfc: Correct size for wqe for memset() (git-fixes).
- scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes).
- scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).
- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
- scsi: mpt3sas: Fix in error path (git-fixes).
- scsi: mpt3sas: Fix loop logic (git-fixes).
- scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).
- scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes).
- scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes).
- scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes).
- scsi: qedf: Fix NULL dereference in error handling (git-fixes).
- scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).
- scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).
- scsi: snic: Fix double free in snic_tgt_create() (git-fixes).
- scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).
- scsi: stex: Fix gcc 13 warnings (git-fixes).
- scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- usb: port: Do not try to peer unused USB ports based on location (git-fixes).
- usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
Patchnames
SUSE-2024-2360,SUSE-SLE-SERVER-12-SP5-2024-2360
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).\n- CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866).\n- CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993).\n- CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997).\n- CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978).\n- CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977).\n- CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976).\n- CVE-2021-47309: net: validate lwtstate-\u003edata before returning from skb_tunnel_info() (bsc#1224967).\n- CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140)\n- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).\n- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).\n- CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306).\n- CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337).\n- CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232).\n- CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261)\n- CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372).\n- CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463).\n- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).\n- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).\n- CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).\n- CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).\n- CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)\n- CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)\n- CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).\n- CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).\n- CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).\n- CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698)\n- CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).\n- CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).\n- CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).\n- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).\n- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).\n- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).\n- CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).\n- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).\n- CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).\n- CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).\n- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).\n- CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577).\n- CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).\n- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).\n- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).\n- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).\n- CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).\n- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).\n- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).\n- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).\n- CVE-2024-26679: Fixed read sk-\u003esk_family once in inet_recv_error() (bsc#1222385).\n- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).\n- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).\n- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).\n- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).\n- CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).\n- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).\n- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (git-fixesbsc#1223641).\n- CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177).\n- CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).\n- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).\n- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).\n- CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).\n- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).\n- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).\n- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).\n- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).\n- CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660)\n- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).\n- CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1224703).\n- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)\n- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).\n- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).\n- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).\n- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).\n- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).\n- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).\n- CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642).\n- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).\n- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).\n- CVE-2024-36592: scsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up (bsc#1225898).\n- CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).\n- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).\n- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).\n- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).\n- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).\n- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).\n- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).\n- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).\n- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).\n- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)\n- CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).\n- CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).\n- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).\n- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).\n- CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597)\n- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).\n- CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).\n- CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735)\n- CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)\n- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).\n- CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).\n- CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).\n- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634.\n- CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).\n- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).\n- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).\n- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).\n- CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).\n- CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895).\n- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).\n- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).\n- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).\n- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).\n\nThe following non-security bugs were fixed:\n\n- Btrfs: bail out on error during replay_dir_deletes (git-fixes)\n- Btrfs: clean up resources during umount after trans is aborted (git-fixes)\n- Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes)\n- Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes)\n- Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes)\n- Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)\n- Fix compilation\n- KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes).\n- NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).\n- NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791).\n- PNFS for stateid errors retry against MDS first (bsc#1221791).\n- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)\n- USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).\n- USB: serial: option: add Quectel EG912Y module support (git-fixes).\n- USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).\n- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).\n- blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203).\n- blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203).\n- blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).\n- bpf, scripts: Correct GPL license name (git-fixes).\n- bsc#1225894: Fix build warning\n- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes)\n- btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)\n- btrfs: fix describe_relocation when printing unknown flags (git-fixes)\n- btrfs: fix false EIO for missing device (git-fixes)\n- btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes)\n- btrfs: use correct compare function of dirty_metadata_bytes (git-fixes)\n- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)\n- fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848).\n- fs: make fiemap work from compat_ioctl (bsc#1225848).\n- iommu/amd: Fix sysfs leak in iommu init (git-fixes).\n- iommu/vt-d: Allocate local memory for page request queue (git-fixes).\n- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)\n- kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203).\n- mkspec-dtb: add toplevel symlinks also on arm\n- net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).\n- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).\n- nvmet: fix ns enable/disable possible hang (git-fixes).\n- ocfs2: adjust enabling place for la window (bsc#1219224).\n- ocfs2: fix sparse warnings (bsc#1219224).\n- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).\n- ocfs2: speed up chain-list searching (bsc#1219224).\n- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.\n- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.\n- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.\n- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 (\u0027ARM: dts: Move .dts files to vendor sub-directories\u0027). So switch to them.\n- scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).\n- scsi: 53c700: Check that command slot is not NULL (git-fixes).\n- scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).\n- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).\n- scsi: bfa: Fix function pointer type mismatch for hcb_qe-\u003ecbfn (git-fixes).\n- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).\n- scsi: core: Decrease scsi_device\u0027s iorequest_cnt if dispatch failed (git-fixes).\n- scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).\n- scsi: core: Fix possible memory leak if device_add() fails (git-fixes).\n- scsi: csiostor: Avoid function pointer casts (git-fixes).\n- scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).\n- scsi: iscsi: Add length check for nlattr payload (git-fixes).\n- scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes).\n- scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).\n- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).\n- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).\n- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).\n- scsi: libsas: Introduce struct smp_disc_resp (git-fixes).\n- scsi: lpfc: Correct size for wqe for memset() (git-fixes).\n- scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes).\n- scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).\n- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).\n- scsi: mpt3sas: Fix in error path (git-fixes).\n- scsi: mpt3sas: Fix loop logic (git-fixes).\n- scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).\n- scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes).\n- scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes).\n- scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes).\n- scsi: qedf: Fix NULL dereference in error handling (git-fixes).\n- scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).\n- scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).\n- scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).\n- scsi: snic: Fix double free in snic_tgt_create() (git-fixes).\n- scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).\n- scsi: stex: Fix gcc 13 warnings (git-fixes).\n- scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).\n- usb: port: Do not try to peer unused USB ports based on location (git-fixes).\n- usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).\n- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2360,SUSE-SLE-SERVER-12-SP5-2024-2360",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2360-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2360-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242360-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2360-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-July/035874.html"
},
{
"category": "self",
"summary": "SUSE Bug 1119113",
"url": "https://bugzilla.suse.com/1119113"
},
{
"category": "self",
"summary": "SUSE Bug 1171988",
"url": "https://bugzilla.suse.com/1171988"
},
{
"category": "self",
"summary": "SUSE Bug 1191958",
"url": "https://bugzilla.suse.com/1191958"
},
{
"category": "self",
"summary": "SUSE Bug 1195065",
"url": "https://bugzilla.suse.com/1195065"
},
{
"category": "self",
"summary": "SUSE Bug 1195254",
"url": "https://bugzilla.suse.com/1195254"
},
{
"category": "self",
"summary": "SUSE Bug 1195775",
"url": "https://bugzilla.suse.com/1195775"
},
{
"category": "self",
"summary": "SUSE Bug 1204514",
"url": "https://bugzilla.suse.com/1204514"
},
{
"category": "self",
"summary": "SUSE Bug 1216062",
"url": "https://bugzilla.suse.com/1216062"
},
{
"category": "self",
"summary": "SUSE Bug 1217912",
"url": "https://bugzilla.suse.com/1217912"
},
{
"category": "self",
"summary": "SUSE Bug 1218148",
"url": "https://bugzilla.suse.com/1218148"
},
{
"category": "self",
"summary": "SUSE Bug 1219224",
"url": "https://bugzilla.suse.com/1219224"
},
{
"category": "self",
"summary": "SUSE Bug 1221010",
"url": "https://bugzilla.suse.com/1221010"
},
{
"category": "self",
"summary": "SUSE Bug 1221647",
"url": "https://bugzilla.suse.com/1221647"
},
{
"category": "self",
"summary": "SUSE Bug 1221654",
"url": "https://bugzilla.suse.com/1221654"
},
{
"category": "self",
"summary": "SUSE Bug 1221791",
"url": "https://bugzilla.suse.com/1221791"
},
{
"category": "self",
"summary": "SUSE Bug 1221958",
"url": "https://bugzilla.suse.com/1221958"
},
{
"category": "self",
"summary": "SUSE Bug 1222015",
"url": "https://bugzilla.suse.com/1222015"
},
{
"category": "self",
"summary": "SUSE Bug 1222080",
"url": "https://bugzilla.suse.com/1222080"
},
{
"category": "self",
"summary": "SUSE Bug 1222364",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "self",
"summary": "SUSE Bug 1222385",
"url": "https://bugzilla.suse.com/1222385"
},
{
"category": "self",
"summary": "SUSE Bug 1222435",
"url": "https://bugzilla.suse.com/1222435"
},
{
"category": "self",
"summary": "SUSE Bug 1222809",
"url": "https://bugzilla.suse.com/1222809"
},
{
"category": "self",
"summary": "SUSE Bug 1222866",
"url": "https://bugzilla.suse.com/1222866"
},
{
"category": "self",
"summary": "SUSE Bug 1222879",
"url": "https://bugzilla.suse.com/1222879"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1223013",
"url": "https://bugzilla.suse.com/1223013"
},
{
"category": "self",
"summary": "SUSE Bug 1223018",
"url": "https://bugzilla.suse.com/1223018"
},
{
"category": "self",
"summary": "SUSE Bug 1223021",
"url": "https://bugzilla.suse.com/1223021"
},
{
"category": "self",
"summary": "SUSE Bug 1223043",
"url": "https://bugzilla.suse.com/1223043"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223532",
"url": "https://bugzilla.suse.com/1223532"
},
{
"category": "self",
"summary": "SUSE Bug 1223641",
"url": "https://bugzilla.suse.com/1223641"
},
{
"category": "self",
"summary": "SUSE Bug 1224177",
"url": "https://bugzilla.suse.com/1224177"
},
{
"category": "self",
"summary": "SUSE Bug 1224432",
"url": "https://bugzilla.suse.com/1224432"
},
{
"category": "self",
"summary": "SUSE Bug 1224504",
"url": "https://bugzilla.suse.com/1224504"
},
{
"category": "self",
"summary": "SUSE Bug 1224549",
"url": "https://bugzilla.suse.com/1224549"
},
{
"category": "self",
"summary": "SUSE Bug 1224552",
"url": "https://bugzilla.suse.com/1224552"
},
{
"category": "self",
"summary": "SUSE Bug 1224572",
"url": "https://bugzilla.suse.com/1224572"
},
{
"category": "self",
"summary": "SUSE Bug 1224575",
"url": "https://bugzilla.suse.com/1224575"
},
{
"category": "self",
"summary": "SUSE Bug 1224583",
"url": "https://bugzilla.suse.com/1224583"
},
{
"category": "self",
"summary": "SUSE Bug 1224588",
"url": "https://bugzilla.suse.com/1224588"
},
{
"category": "self",
"summary": "SUSE Bug 1224605",
"url": "https://bugzilla.suse.com/1224605"
},
{
"category": "self",
"summary": "SUSE Bug 1224651",
"url": "https://bugzilla.suse.com/1224651"
},
{
"category": "self",
"summary": "SUSE Bug 1224660",
"url": "https://bugzilla.suse.com/1224660"
},
{
"category": "self",
"summary": "SUSE Bug 1224661",
"url": "https://bugzilla.suse.com/1224661"
},
{
"category": "self",
"summary": "SUSE Bug 1224662",
"url": "https://bugzilla.suse.com/1224662"
},
{
"category": "self",
"summary": "SUSE Bug 1224664",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "self",
"summary": "SUSE Bug 1224668",
"url": "https://bugzilla.suse.com/1224668"
},
{
"category": "self",
"summary": "SUSE Bug 1224670",
"url": "https://bugzilla.suse.com/1224670"
},
{
"category": "self",
"summary": "SUSE Bug 1224672",
"url": "https://bugzilla.suse.com/1224672"
},
{
"category": "self",
"summary": "SUSE Bug 1224674",
"url": "https://bugzilla.suse.com/1224674"
},
{
"category": "self",
"summary": "SUSE Bug 1224677",
"url": "https://bugzilla.suse.com/1224677"
},
{
"category": "self",
"summary": "SUSE Bug 1224678",
"url": "https://bugzilla.suse.com/1224678"
},
{
"category": "self",
"summary": "SUSE Bug 1224703",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "self",
"summary": "SUSE Bug 1224735",
"url": "https://bugzilla.suse.com/1224735"
},
{
"category": "self",
"summary": "SUSE Bug 1224739",
"url": "https://bugzilla.suse.com/1224739"
},
{
"category": "self",
"summary": "SUSE Bug 1224763",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "self",
"summary": "SUSE Bug 1224764",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "self",
"summary": "SUSE Bug 1224765",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "self",
"summary": "SUSE Bug 1224946",
"url": "https://bugzilla.suse.com/1224946"
},
{
"category": "self",
"summary": "SUSE Bug 1224951",
"url": "https://bugzilla.suse.com/1224951"
},
{
"category": "self",
"summary": "SUSE Bug 1224967",
"url": "https://bugzilla.suse.com/1224967"
},
{
"category": "self",
"summary": "SUSE Bug 1224976",
"url": "https://bugzilla.suse.com/1224976"
},
{
"category": "self",
"summary": "SUSE Bug 1224977",
"url": "https://bugzilla.suse.com/1224977"
},
{
"category": "self",
"summary": "SUSE Bug 1224978",
"url": "https://bugzilla.suse.com/1224978"
},
{
"category": "self",
"summary": "SUSE Bug 1224993",
"url": "https://bugzilla.suse.com/1224993"
},
{
"category": "self",
"summary": "SUSE Bug 1224997",
"url": "https://bugzilla.suse.com/1224997"
},
{
"category": "self",
"summary": "SUSE Bug 1225047",
"url": "https://bugzilla.suse.com/1225047"
},
{
"category": "self",
"summary": "SUSE Bug 1225140",
"url": "https://bugzilla.suse.com/1225140"
},
{
"category": "self",
"summary": "SUSE Bug 1225184",
"url": "https://bugzilla.suse.com/1225184"
},
{
"category": "self",
"summary": "SUSE Bug 1225203",
"url": "https://bugzilla.suse.com/1225203"
},
{
"category": "self",
"summary": "SUSE Bug 1225232",
"url": "https://bugzilla.suse.com/1225232"
},
{
"category": "self",
"summary": "SUSE Bug 1225261",
"url": "https://bugzilla.suse.com/1225261"
},
{
"category": "self",
"summary": "SUSE Bug 1225306",
"url": "https://bugzilla.suse.com/1225306"
},
{
"category": "self",
"summary": "SUSE Bug 1225337",
"url": "https://bugzilla.suse.com/1225337"
},
{
"category": "self",
"summary": "SUSE Bug 1225372",
"url": "https://bugzilla.suse.com/1225372"
},
{
"category": "self",
"summary": "SUSE Bug 1225463",
"url": "https://bugzilla.suse.com/1225463"
},
{
"category": "self",
"summary": "SUSE Bug 1225484",
"url": "https://bugzilla.suse.com/1225484"
},
{
"category": "self",
"summary": "SUSE Bug 1225487",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "self",
"summary": "SUSE Bug 1225490",
"url": "https://bugzilla.suse.com/1225490"
},
{
"category": "self",
"summary": "SUSE Bug 1225514",
"url": "https://bugzilla.suse.com/1225514"
},
{
"category": "self",
"summary": "SUSE Bug 1225518",
"url": "https://bugzilla.suse.com/1225518"
},
{
"category": "self",
"summary": "SUSE Bug 1225548",
"url": "https://bugzilla.suse.com/1225548"
},
{
"category": "self",
"summary": "SUSE Bug 1225555",
"url": "https://bugzilla.suse.com/1225555"
},
{
"category": "self",
"summary": "SUSE Bug 1225556",
"url": "https://bugzilla.suse.com/1225556"
},
{
"category": "self",
"summary": "SUSE Bug 1225559",
"url": "https://bugzilla.suse.com/1225559"
},
{
"category": "self",
"summary": "SUSE Bug 1225571",
"url": "https://bugzilla.suse.com/1225571"
},
{
"category": "self",
"summary": "SUSE Bug 1225573",
"url": "https://bugzilla.suse.com/1225573"
},
{
"category": "self",
"summary": "SUSE Bug 1225577",
"url": "https://bugzilla.suse.com/1225577"
},
{
"category": "self",
"summary": "SUSE Bug 1225583",
"url": "https://bugzilla.suse.com/1225583"
},
{
"category": "self",
"summary": "SUSE Bug 1225585",
"url": "https://bugzilla.suse.com/1225585"
},
{
"category": "self",
"summary": "SUSE Bug 1225599",
"url": "https://bugzilla.suse.com/1225599"
},
{
"category": "self",
"summary": "SUSE Bug 1225602",
"url": "https://bugzilla.suse.com/1225602"
},
{
"category": "self",
"summary": "SUSE Bug 1225611",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "self",
"summary": "SUSE Bug 1225642",
"url": "https://bugzilla.suse.com/1225642"
},
{
"category": "self",
"summary": "SUSE Bug 1225681",
"url": "https://bugzilla.suse.com/1225681"
},
{
"category": "self",
"summary": "SUSE Bug 1225704",
"url": "https://bugzilla.suse.com/1225704"
},
{
"category": "self",
"summary": "SUSE Bug 1225722",
"url": "https://bugzilla.suse.com/1225722"
},
{
"category": "self",
"summary": "SUSE Bug 1225749",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "self",
"summary": "SUSE Bug 1225758",
"url": "https://bugzilla.suse.com/1225758"
},
{
"category": "self",
"summary": "SUSE Bug 1225760",
"url": "https://bugzilla.suse.com/1225760"
},
{
"category": "self",
"summary": "SUSE Bug 1225761",
"url": "https://bugzilla.suse.com/1225761"
},
{
"category": "self",
"summary": "SUSE Bug 1225767",
"url": "https://bugzilla.suse.com/1225767"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225815",
"url": "https://bugzilla.suse.com/1225815"
},
{
"category": "self",
"summary": "SUSE Bug 1225840",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "self",
"summary": "SUSE Bug 1225848",
"url": "https://bugzilla.suse.com/1225848"
},
{
"category": "self",
"summary": "SUSE Bug 1225866",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "self",
"summary": "SUSE Bug 1225872",
"url": "https://bugzilla.suse.com/1225872"
},
{
"category": "self",
"summary": "SUSE Bug 1225894",
"url": "https://bugzilla.suse.com/1225894"
},
{
"category": "self",
"summary": "SUSE Bug 1225895",
"url": "https://bugzilla.suse.com/1225895"
},
{
"category": "self",
"summary": "SUSE Bug 1225898",
"url": "https://bugzilla.suse.com/1225898"
},
{
"category": "self",
"summary": "SUSE Bug 1226211",
"url": "https://bugzilla.suse.com/1226211"
},
{
"category": "self",
"summary": "SUSE Bug 1226212",
"url": "https://bugzilla.suse.com/1226212"
},
{
"category": "self",
"summary": "SUSE Bug 1226537",
"url": "https://bugzilla.suse.com/1226537"
},
{
"category": "self",
"summary": "SUSE Bug 1226554",
"url": "https://bugzilla.suse.com/1226554"
},
{
"category": "self",
"summary": "SUSE Bug 1226557",
"url": "https://bugzilla.suse.com/1226557"
},
{
"category": "self",
"summary": "SUSE Bug 1226562",
"url": "https://bugzilla.suse.com/1226562"
},
{
"category": "self",
"summary": "SUSE Bug 1226567",
"url": "https://bugzilla.suse.com/1226567"
},
{
"category": "self",
"summary": "SUSE Bug 1226575",
"url": "https://bugzilla.suse.com/1226575"
},
{
"category": "self",
"summary": "SUSE Bug 1226577",
"url": "https://bugzilla.suse.com/1226577"
},
{
"category": "self",
"summary": "SUSE Bug 1226593",
"url": "https://bugzilla.suse.com/1226593"
},
{
"category": "self",
"summary": "SUSE Bug 1226595",
"url": "https://bugzilla.suse.com/1226595"
},
{
"category": "self",
"summary": "SUSE Bug 1226597",
"url": "https://bugzilla.suse.com/1226597"
},
{
"category": "self",
"summary": "SUSE Bug 1226610",
"url": "https://bugzilla.suse.com/1226610"
},
{
"category": "self",
"summary": "SUSE Bug 1226614",
"url": "https://bugzilla.suse.com/1226614"
},
{
"category": "self",
"summary": "SUSE Bug 1226619",
"url": "https://bugzilla.suse.com/1226619"
},
{
"category": "self",
"summary": "SUSE Bug 1226621",
"url": "https://bugzilla.suse.com/1226621"
},
{
"category": "self",
"summary": "SUSE Bug 1226634",
"url": "https://bugzilla.suse.com/1226634"
},
{
"category": "self",
"summary": "SUSE Bug 1226637",
"url": "https://bugzilla.suse.com/1226637"
},
{
"category": "self",
"summary": "SUSE Bug 1226670",
"url": "https://bugzilla.suse.com/1226670"
},
{
"category": "self",
"summary": "SUSE Bug 1226672",
"url": "https://bugzilla.suse.com/1226672"
},
{
"category": "self",
"summary": "SUSE Bug 1226692",
"url": "https://bugzilla.suse.com/1226692"
},
{
"category": "self",
"summary": "SUSE Bug 1226698",
"url": "https://bugzilla.suse.com/1226698"
},
{
"category": "self",
"summary": "SUSE Bug 1226699",
"url": "https://bugzilla.suse.com/1226699"
},
{
"category": "self",
"summary": "SUSE Bug 1226701",
"url": "https://bugzilla.suse.com/1226701"
},
{
"category": "self",
"summary": "SUSE Bug 1226705",
"url": "https://bugzilla.suse.com/1226705"
},
{
"category": "self",
"summary": "SUSE Bug 1226708",
"url": "https://bugzilla.suse.com/1226708"
},
{
"category": "self",
"summary": "SUSE Bug 1226711",
"url": "https://bugzilla.suse.com/1226711"
},
{
"category": "self",
"summary": "SUSE Bug 1226712",
"url": "https://bugzilla.suse.com/1226712"
},
{
"category": "self",
"summary": "SUSE Bug 1226716",
"url": "https://bugzilla.suse.com/1226716"
},
{
"category": "self",
"summary": "SUSE Bug 1226718",
"url": "https://bugzilla.suse.com/1226718"
},
{
"category": "self",
"summary": "SUSE Bug 1226732",
"url": "https://bugzilla.suse.com/1226732"
},
{
"category": "self",
"summary": "SUSE Bug 1226735",
"url": "https://bugzilla.suse.com/1226735"
},
{
"category": "self",
"summary": "SUSE Bug 1226744",
"url": "https://bugzilla.suse.com/1226744"
},
{
"category": "self",
"summary": "SUSE Bug 1226746",
"url": "https://bugzilla.suse.com/1226746"
},
{
"category": "self",
"summary": "SUSE Bug 1226747",
"url": "https://bugzilla.suse.com/1226747"
},
{
"category": "self",
"summary": "SUSE Bug 1226749",
"url": "https://bugzilla.suse.com/1226749"
},
{
"category": "self",
"summary": "SUSE Bug 1226754",
"url": "https://bugzilla.suse.com/1226754"
},
{
"category": "self",
"summary": "SUSE Bug 1226767",
"url": "https://bugzilla.suse.com/1226767"
},
{
"category": "self",
"summary": "SUSE Bug 1226769",
"url": "https://bugzilla.suse.com/1226769"
},
{
"category": "self",
"summary": "SUSE Bug 1226857",
"url": "https://bugzilla.suse.com/1226857"
},
{
"category": "self",
"summary": "SUSE Bug 1226876",
"url": "https://bugzilla.suse.com/1226876"
},
{
"category": "self",
"summary": "SUSE Bug 1226883",
"url": "https://bugzilla.suse.com/1226883"
},
{
"category": "self",
"summary": "SUSE Bug 1226886",
"url": "https://bugzilla.suse.com/1226886"
},
{
"category": "self",
"summary": "SUSE Bug 1226895",
"url": "https://bugzilla.suse.com/1226895"
},
{
"category": "self",
"summary": "SUSE Bug 1226948",
"url": "https://bugzilla.suse.com/1226948"
},
{
"category": "self",
"summary": "SUSE Bug 1226949",
"url": "https://bugzilla.suse.com/1226949"
},
{
"category": "self",
"summary": "SUSE Bug 1226950",
"url": "https://bugzilla.suse.com/1226950"
},
{
"category": "self",
"summary": "SUSE Bug 1226962",
"url": "https://bugzilla.suse.com/1226962"
},
{
"category": "self",
"summary": "SUSE Bug 1226976",
"url": "https://bugzilla.suse.com/1226976"
},
{
"category": "self",
"summary": "SUSE Bug 1226996",
"url": "https://bugzilla.suse.com/1226996"
},
{
"category": "self",
"summary": "SUSE Bug 1227101",
"url": "https://bugzilla.suse.com/1227101"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10135 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43389 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4439 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47103 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47191 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47193 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47267 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47270 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47293 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47294 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47297 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47309 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47309/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47328 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47354 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47372 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47379 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47407 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47418 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47434 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47445 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47518 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47544 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47566 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47587 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47589 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47600 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47603 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0435 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-22942 page",
"url": "https://www.suse.com/security/cve/CVE-2022-22942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48711 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48722 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48732 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48733 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48740 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48743 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48754 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48756 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48758 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48759 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48760 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48761 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48771 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48772 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24023 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52737 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52754 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52757 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52762 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52764 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52784 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52808 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52809 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52811 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52832 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52834 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52845 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52855 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26687 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27399 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27410 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35247 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35976 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37354 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38545 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38552 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38567 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38578 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38580 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38627 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38780/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-07-09T14:01:02Z",
"generator": {
"date": "2024-07-09T14:01:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2360-1",
"initial_release_date": "2024-07-09T14:01:02Z",
"revision_history": [
{
"date": "2024-07-09T14:01:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-4.12.14-16.191.1.noarch",
"product": {
"name": "kernel-devel-azure-4.12.14-16.191.1.noarch",
"product_id": "kernel-devel-azure-4.12.14-16.191.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-4.12.14-16.191.1.noarch",
"product": {
"name": "kernel-source-azure-4.12.14-16.191.1.noarch",
"product_id": "kernel-source-azure-4.12.14-16.191.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-4.12.14-16.191.1.x86_64",
"product_id": "cluster-md-kmp-azure-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "dlm-kmp-azure-4.12.14-16.191.1.x86_64",
"product_id": "dlm-kmp-azure-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-4.12.14-16.191.1.x86_64",
"product_id": "gfs2-kmp-azure-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "kernel-azure-4.12.14-16.191.1.x86_64",
"product_id": "kernel-azure-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-base-4.12.14-16.191.1.x86_64",
"product": {
"name": "kernel-azure-base-4.12.14-16.191.1.x86_64",
"product_id": "kernel-azure-base-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-4.12.14-16.191.1.x86_64",
"product": {
"name": "kernel-azure-devel-4.12.14-16.191.1.x86_64",
"product_id": "kernel-azure-devel-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-4.12.14-16.191.1.x86_64",
"product": {
"name": "kernel-azure-extra-4.12.14-16.191.1.x86_64",
"product_id": "kernel-azure-extra-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-kgraft-devel-4.12.14-16.191.1.x86_64",
"product": {
"name": "kernel-azure-kgraft-devel-4.12.14-16.191.1.x86_64",
"product_id": "kernel-azure-kgraft-devel-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "kernel-syms-azure-4.12.14-16.191.1.x86_64",
"product_id": "kernel-syms-azure-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-4.12.14-16.191.1.x86_64",
"product_id": "kselftests-kmp-azure-4.12.14-16.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-4.12.14-16.191.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-4.12.14-16.191.1.x86_64",
"product_id": "ocfs2-kmp-azure-4.12.14-16.191.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.191.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.191.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.191.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.191.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-azure-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-base-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-azure-base-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-azure-devel-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-4.12.14-16.191.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch"
},
"product_reference": "kernel-devel-azure-4.12.14-16.191.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-4.12.14-16.191.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch"
},
"product_reference": "kernel-source-azure-4.12.14-16.191.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-4.12.14-16.191.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
},
"product_reference": "kernel-syms-azure-4.12.14-16.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-10135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10135"
}
],
"notes": [
{
"category": "general",
"text": "Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10135",
"url": "https://www.suse.com/security/cve/CVE-2020-10135"
},
{
"category": "external",
"summary": "SUSE Bug 1171988 for CVE-2020-10135",
"url": "https://bugzilla.suse.com/1171988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2020-10135"
},
{
"cve": "CVE-2021-43389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43389"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43389",
"url": "https://www.suse.com/security/cve/CVE-2021-43389"
},
{
"category": "external",
"summary": "SUSE Bug 1191958 for CVE-2021-43389",
"url": "https://bugzilla.suse.com/1191958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-43389"
},
{
"cve": "CVE-2021-4439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: cpai: check ctr-\u003ecnr to avoid array index out of bound\n\nThe cmtp_add_connection() would add a cmtp session to a controller\nand run a kernel thread to process cmtp.\n\n\t__module_get(THIS_MODULE);\n\tsession-\u003etask = kthread_run(cmtp_session, session, \"kcmtpd_ctr_%d\",\n\t\t\t\t\t\t\t\tsession-\u003enum);\n\nDuring this process, the kernel thread would call detach_capi_ctr()\nto detach a register controller. if the controller\nwas not attached yet, detach_capi_ctr() would\ntrigger an array-index-out-bounds bug.\n\n[ 46.866069][ T6479] UBSAN: array-index-out-of-bounds in\ndrivers/isdn/capi/kcapi.c:483:21\n[ 46.867196][ T6479] index -1 is out of range for type \u0027capi_ctr *[32]\u0027\n[ 46.867982][ T6479] CPU: 1 PID: 6479 Comm: kcmtpd_ctr_0 Not tainted\n5.15.0-rc2+ #8\n[ 46.869002][ T6479] Hardware name: QEMU Standard PC (i440FX + PIIX,\n1996), BIOS 1.14.0-2 04/01/2014\n[ 46.870107][ T6479] Call Trace:\n[ 46.870473][ T6479] dump_stack_lvl+0x57/0x7d\n[ 46.870974][ T6479] ubsan_epilogue+0x5/0x40\n[ 46.871458][ T6479] __ubsan_handle_out_of_bounds.cold+0x43/0x48\n[ 46.872135][ T6479] detach_capi_ctr+0x64/0xc0\n[ 46.872639][ T6479] cmtp_session+0x5c8/0x5d0\n[ 46.873131][ T6479] ? __init_waitqueue_head+0x60/0x60\n[ 46.873712][ T6479] ? cmtp_add_msgpart+0x120/0x120\n[ 46.874256][ T6479] kthread+0x147/0x170\n[ 46.874709][ T6479] ? set_kthread_struct+0x40/0x40\n[ 46.875248][ T6479] ret_from_fork+0x1f/0x30\n[ 46.875773][ T6479]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4439",
"url": "https://www.suse.com/security/cve/CVE-2021-4439"
},
{
"category": "external",
"summary": "SUSE Bug 1226670 for CVE-2021-4439",
"url": "https://bugzilla.suse.com/1226670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-4439"
},
{
"cve": "CVE-2021-47103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: fully convert sk-\u003esk_rx_dst to RCU rules\n\nsyzbot reported various issues around early demux,\none being included in this changelog [1]\n\nsk-\u003esk_rx_dst is using RCU protection without clearly\ndocumenting it.\n\nAnd following sequences in tcp_v4_do_rcv()/tcp_v6_do_rcv()\nare not following standard RCU rules.\n\n[a] dst_release(dst);\n[b] sk-\u003esk_rx_dst = NULL;\n\nThey look wrong because a delete operation of RCU protected\npointer is supposed to clear the pointer before\nthe call_rcu()/synchronize_rcu() guarding actual memory freeing.\n\nIn some cases indeed, dst could be freed before [b] is done.\n\nWe could cheat by clearing sk_rx_dst before calling\ndst_release(), but this seems the right time to stick\nto standard RCU annotations and debugging facilities.\n\n[1]\nBUG: KASAN: use-after-free in dst_check include/net/dst.h:470 [inline]\nBUG: KASAN: use-after-free in tcp_v4_early_demux+0x95b/0x960 net/ipv4/tcp_ipv4.c:1792\nRead of size 2 at addr ffff88807f1cb73a by task syz-executor.5/9204\n\nCPU: 0 PID: 9204 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x320 mm/kasan/report.c:247\n __kasan_report mm/kasan/report.c:433 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:450\n dst_check include/net/dst.h:470 [inline]\n tcp_v4_early_demux+0x95b/0x960 net/ipv4/tcp_ipv4.c:1792\n ip_rcv_finish_core.constprop.0+0x15de/0x1e80 net/ipv4/ip_input.c:340\n ip_list_rcv_finish.constprop.0+0x1b2/0x6e0 net/ipv4/ip_input.c:583\n ip_sublist_rcv net/ipv4/ip_input.c:609 [inline]\n ip_list_rcv+0x34e/0x490 net/ipv4/ip_input.c:644\n __netif_receive_skb_list_ptype net/core/dev.c:5508 [inline]\n __netif_receive_skb_list_core+0x549/0x8e0 net/core/dev.c:5556\n __netif_receive_skb_list net/core/dev.c:5608 [inline]\n netif_receive_skb_list_internal+0x75e/0xd80 net/core/dev.c:5699\n gro_normal_list net/core/dev.c:5853 [inline]\n gro_normal_list net/core/dev.c:5849 [inline]\n napi_complete_done+0x1f1/0x880 net/core/dev.c:6590\n virtqueue_napi_complete drivers/net/virtio_net.c:339 [inline]\n virtnet_poll+0xca2/0x11b0 drivers/net/virtio_net.c:1557\n __napi_poll+0xaf/0x440 net/core/dev.c:7023\n napi_poll net/core/dev.c:7090 [inline]\n net_rx_action+0x801/0xb40 net/core/dev.c:7177\n __do_softirq+0x29b/0x9c2 kernel/softirq.c:558\n invoke_softirq kernel/softirq.c:432 [inline]\n __irq_exit_rcu+0x123/0x180 kernel/softirq.c:637\n irq_exit_rcu+0x5/0x20 kernel/softirq.c:649\n common_interrupt+0x52/0xc0 arch/x86/kernel/irq.c:240\n asm_common_interrupt+0x1e/0x40 arch/x86/include/asm/idtentry.h:629\nRIP: 0033:0x7f5e972bfd57\nCode: 39 d1 73 14 0f 1f 80 00 00 00 00 48 8b 50 f8 48 83 e8 08 48 39 ca 77 f3 48 39 c3 73 3e 48 89 13 48 8b 50 f8 48 89 38 49 8b 0e \u003c48\u003e 8b 3e 48 83 c3 08 48 83 c6 08 eb bc 48 39 d1 72 9e 48 39 d0 73\nRSP: 002b:00007fff8a413210 EFLAGS: 00000283\nRAX: 00007f5e97108990 RBX: 00007f5e97108338 RCX: ffffffff81d3aa45\nRDX: ffffffff81d3aa45 RSI: 00007f5e97108340 RDI: ffffffff81d3aa45\nRBP: 00007f5e97107eb8 R08: 00007f5e97108d88 R09: 0000000093c2e8d9\nR10: 0000000000000000 R11: 0000000000000000 R12: 00007f5e97107eb0\nR13: 00007f5e97108338 R14: 00007f5e97107ea8 R15: 0000000000000019\n \u003c/TASK\u003e\n\nAllocated by task 13:\n kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:46 [inline]\n set_alloc_info mm/kasan/common.c:434 [inline]\n __kasan_slab_alloc+0x90/0xc0 mm/kasan/common.c:467\n kasan_slab_alloc include/linux/kasan.h:259 [inline]\n slab_post_alloc_hook mm/slab.h:519 [inline]\n slab_alloc_node mm/slub.c:3234 [inline]\n slab_alloc mm/slub.c:3242 [inline]\n kmem_cache_alloc+0x202/0x3a0 mm/slub.c:3247\n dst_alloc+0x146/0x1f0 net/core/dst.c:92\n rt_dst_alloc+0x73/0x430 net/ipv4/route.c:1613\n ip_route_input_slow+0x1817/0x3a20 net/ipv4/route.c:234\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47103",
"url": "https://www.suse.com/security/cve/CVE-2021-47103"
},
{
"category": "external",
"summary": "SUSE Bug 1221010 for CVE-2021-47103",
"url": "https://bugzilla.suse.com/1221010"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47103"
},
{
"cve": "CVE-2021-47191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47191"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_readcap16()\n\nThe following warning was observed running syzkaller:\n\n[ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in;\n[ 3813.830724] program syz-executor not setting count and/or reply_len properly\n[ 3813.836956] ==================================================================\n[ 3813.839465] BUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x157/0x1e0\n[ 3813.841773] Read of size 4096 at addr ffff8883cf80f540 by task syz-executor/1549\n[ 3813.846612] Call Trace:\n[ 3813.846995] dump_stack+0x108/0x15f\n[ 3813.847524] print_address_description+0xa5/0x372\n[ 3813.848243] kasan_report.cold+0x236/0x2a8\n[ 3813.849439] check_memory_region+0x240/0x270\n[ 3813.850094] memcpy+0x30/0x80\n[ 3813.850553] sg_copy_buffer+0x157/0x1e0\n[ 3813.853032] sg_copy_from_buffer+0x13/0x20\n[ 3813.853660] fill_from_dev_buffer+0x135/0x370\n[ 3813.854329] resp_readcap16+0x1ac/0x280\n[ 3813.856917] schedule_resp+0x41f/0x1630\n[ 3813.858203] scsi_debug_queuecommand+0xb32/0x17e0\n[ 3813.862699] scsi_dispatch_cmd+0x330/0x950\n[ 3813.863329] scsi_request_fn+0xd8e/0x1710\n[ 3813.863946] __blk_run_queue+0x10b/0x230\n[ 3813.864544] blk_execute_rq_nowait+0x1d8/0x400\n[ 3813.865220] sg_common_write.isra.0+0xe61/0x2420\n[ 3813.871637] sg_write+0x6c8/0xef0\n[ 3813.878853] __vfs_write+0xe4/0x800\n[ 3813.883487] vfs_write+0x17b/0x530\n[ 3813.884008] ksys_write+0x103/0x270\n[ 3813.886268] __x64_sys_write+0x77/0xc0\n[ 3813.886841] do_syscall_64+0x106/0x360\n[ 3813.887415] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nThis issue can be reproduced with the following syzkaller log:\n\nr0 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x26e1, 0x0)\nr1 = syz_open_procfs(0xffffffffffffffff, \u0026(0x7f0000000000)=\u0027fd/3\\x00\u0027)\nopen_by_handle_at(r1, \u0026(0x7f00000003c0)=ANY=[@ANYRESHEX], 0x602000)\nr2 = syz_open_dev$sg(\u0026(0x7f0000000000), 0x0, 0x40782)\nwrite$binfmt_aout(r2, \u0026(0x7f0000000340)=ANY=[@ANYBLOB=\"00000000deff000000000000000000000000000000000000000000000000000047f007af9e107a41ec395f1bded7be24277a1501ff6196a83366f4e6362bc0ff2b247f68a972989b094b2da4fb3607fcf611a22dd04310d28c75039d\"], 0x126)\n\nIn resp_readcap16() we get \"int alloc_len\" value -1104926854, and then pass\nthe huge arr_len to fill_from_dev_buffer(), but arr is only 32 bytes. This\nleads to OOB in sg_copy_buffer().\n\nTo solve this issue, define alloc_len as u32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47191",
"url": "https://www.suse.com/security/cve/CVE-2021-47191"
},
{
"category": "external",
"summary": "SUSE Bug 1222866 for CVE-2021-47191",
"url": "https://bugzilla.suse.com/1222866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47191"
},
{
"cve": "CVE-2021-47193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47193"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Fix memory leak during rmmod\n\nDriver failed to release all memory allocated. This would lead to memory\nleak during driver removal.\n\nProperly free memory when the module is removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47193",
"url": "https://www.suse.com/security/cve/CVE-2021-47193"
},
{
"category": "external",
"summary": "SUSE Bug 1222879 for CVE-2021-47193",
"url": "https://bugzilla.suse.com/1222879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47193"
},
{
"cve": "CVE-2021-47267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadget panics on 10gbps cabling\n\nusb_assign_descriptors() is called with 5 parameters,\nthe last 4 of which are the usb_descriptor_header for:\n full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps),\n high-speed (USB2.0 - 480Mbps),\n super-speed (USB3.0 - 5Gbps),\n super-speed-plus (USB3.1 - 10Gbps).\n\nThe differences between full/high/super-speed descriptors are usually\nsubstantial (due to changes in the maximum usb block size from 64 to 512\nto 1024 bytes and other differences in the specs), while the difference\nbetween 5 and 10Gbps descriptors may be as little as nothing\n(in many cases the same tuning is simply good enough).\n\nHowever if a gadget driver calls usb_assign_descriptors() with\na NULL descriptor for super-speed-plus and is then used on a max 10gbps\nconfiguration, the kernel will crash with a null pointer dereference,\nwhen a 10gbps capable device port + cable + host port combination shows up.\n(This wouldn\u0027t happen if the gadget max-speed was set to 5gbps, but\nit of course defaults to the maximum, and there\u0027s no real reason to\nartificially limit it)\n\nThe fix is to simply use the 5gbps descriptor as the 10gbps descriptor,\nif a 10gbps descriptor wasn\u0027t provided.\n\nObviously this won\u0027t fix the problem if the 5gbps descriptor is also\nNULL, but such cases can\u0027t be so trivially solved (and any such gadgets\nare unlikely to be used with USB3 ports any way).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47267",
"url": "https://www.suse.com/security/cve/CVE-2021-47267"
},
{
"category": "external",
"summary": "SUSE Bug 1224993 for CVE-2021-47267",
"url": "https://bugzilla.suse.com/1224993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47267"
},
{
"cve": "CVE-2021-47270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47270"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadgets null ptr deref on 10gbps cabling.\n\nThis avoids a null pointer dereference in\nf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}\nby simply reusing the 5gbps config for 10gbps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47270",
"url": "https://www.suse.com/security/cve/CVE-2021-47270"
},
{
"category": "external",
"summary": "SUSE Bug 1224997 for CVE-2021-47270",
"url": "https://bugzilla.suse.com/1224997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47270"
},
{
"cve": "CVE-2021-47293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: Skip non-Ethernet packets\n\nCurrently tcf_skbmod_act() assumes that packets use Ethernet as their L2\nprotocol, which is not always the case. As an example, for CAN devices:\n\n\t$ ip link add dev vcan0 type vcan\n\t$ ip link set up vcan0\n\t$ tc qdisc add dev vcan0 root handle 1: htb\n\t$ tc filter add dev vcan0 parent 1: protocol ip prio 10 \\\n\t\tmatchall action skbmod swap mac\n\nDoing the above silently corrupts all the packets. Do not perform skbmod\nactions for non-Ethernet packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47293",
"url": "https://www.suse.com/security/cve/CVE-2021-47293"
},
{
"category": "external",
"summary": "SUSE Bug 1224978 for CVE-2021-47293",
"url": "https://bugzilla.suse.com/1224978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47293"
},
{
"cve": "CVE-2021-47294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Decrease sock refcount when sock timers expire\n\nCommit 63346650c1a9 (\"netrom: switch to sock timer API\") switched to use\nsock timer API. It replaces mod_timer() by sk_reset_timer(), and\ndel_timer() by sk_stop_timer().\n\nFunction sk_reset_timer() will increase the refcount of sock if it is\ncalled on an inactive timer, hence, in case the timer expires, we need to\ndecrease the refcount ourselves in the handler, otherwise, the sock\nrefcount will be unbalanced and the sock will never be freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47294",
"url": "https://www.suse.com/security/cve/CVE-2021-47294"
},
{
"category": "external",
"summary": "SUSE Bug 1224977 for CVE-2021-47294",
"url": "https://bugzilla.suse.com/1224977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47294"
},
{
"cve": "CVE-2021-47297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix uninit-value in caif_seqpkt_sendmsg\n\nWhen nr_segs equal to zero in iovec_from_user, the object\nmsg-\u003emsg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg\nwhich is defined in ___sys_sendmsg. So we cann\u0027t just judge\nmsg-\u003emsg_iter.iov-\u003ebase directlly. We can use nr_segs to judge\nmsg in caif_seqpkt_sendmsg whether has data buffers.\n\n=====================================================\nBUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1c9/0x220 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\n sock_sendmsg_nosec net/socket.c:652 [inline]\n sock_sendmsg net/socket.c:672 [inline]\n ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343\n ___sys_sendmsg net/socket.c:2397 [inline]\n __sys_sendmmsg+0x808/0xc90 net/socket.c:2480\n __compat_sys_sendmmsg net/compat.c:656 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47297",
"url": "https://www.suse.com/security/cve/CVE-2021-47297"
},
{
"category": "external",
"summary": "SUSE Bug 1224976 for CVE-2021-47297",
"url": "https://bugzilla.suse.com/1224976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47297"
},
{
"cve": "CVE-2021-47309",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47309"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: validate lwtstate-\u003edata before returning from skb_tunnel_info()\n\nskb_tunnel_info() returns pointer of lwtstate-\u003edata as ip_tunnel_info\ntype without validation. lwtstate-\u003edata can have various types such as\nmpls_iptunnel_encap, etc and these are not compatible.\nSo skb_tunnel_info() should validate before returning that pointer.\n\nSplat looks like:\nBUG: KASAN: slab-out-of-bounds in vxlan_get_route+0x418/0x4b0 [vxlan]\nRead of size 2 at addr ffff888106ec2698 by task ping/811\n\nCPU: 1 PID: 811 Comm: ping Not tainted 5.13.0+ #1195\nCall Trace:\n dump_stack_lvl+0x56/0x7b\n print_address_description.constprop.8.cold.13+0x13/0x2ee\n ? vxlan_get_route+0x418/0x4b0 [vxlan]\n ? vxlan_get_route+0x418/0x4b0 [vxlan]\n kasan_report.cold.14+0x83/0xdf\n ? vxlan_get_route+0x418/0x4b0 [vxlan]\n vxlan_get_route+0x418/0x4b0 [vxlan]\n [ ... ]\n vxlan_xmit_one+0x148b/0x32b0 [vxlan]\n [ ... ]\n vxlan_xmit+0x25c5/0x4780 [vxlan]\n [ ... ]\n dev_hard_start_xmit+0x1ae/0x6e0\n __dev_queue_xmit+0x1f39/0x31a0\n [ ... ]\n neigh_xmit+0x2f9/0x940\n mpls_xmit+0x911/0x1600 [mpls_iptunnel]\n lwtunnel_xmit+0x18f/0x450\n ip_finish_output2+0x867/0x2040\n [ ... ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47309",
"url": "https://www.suse.com/security/cve/CVE-2021-47309"
},
{
"category": "external",
"summary": "SUSE Bug 1224967 for CVE-2021-47309",
"url": "https://bugzilla.suse.com/1224967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47309"
},
{
"cve": "CVE-2021-47328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix conn use after free during resets\n\nIf we haven\u0027t done a unbind target call we can race where\niscsi_conn_teardown wakes up the EH thread and then frees the conn while\nthose threads are still accessing the conn ehwait.\n\nWe can only do one TMF per session so this just moves the TMF fields from\nthe conn to the session. We can then rely on the\niscsi_session_teardown-\u003eiscsi_remove_session-\u003e__iscsi_unbind_session call\nto remove the target and it\u0027s devices, and know after that point there is\nno device or scsi-ml callout trying to access the session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47328",
"url": "https://www.suse.com/security/cve/CVE-2021-47328"
},
{
"category": "external",
"summary": "SUSE Bug 1225047 for CVE-2021-47328",
"url": "https://bugzilla.suse.com/1225047"
},
{
"category": "external",
"summary": "SUSE Bug 1225080 for CVE-2021-47328",
"url": "https://bugzilla.suse.com/1225080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47328"
},
{
"cve": "CVE-2021-47354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Avoid data corruptions\n\nWait for all dependencies of a job to complete before\nkilling it to avoid data corruptions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47354",
"url": "https://www.suse.com/security/cve/CVE-2021-47354"
},
{
"category": "external",
"summary": "SUSE Bug 1225140 for CVE-2021-47354",
"url": "https://bugzilla.suse.com/1225140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47354"
},
{
"cve": "CVE-2021-47372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47372"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use after free on rmmod\n\nplat_dev-\u003edev-\u003eplatform_data is released by platform_device_unregister(),\nuse of pclk and hclk is a use-after-free. Since device unregister won\u0027t\nneed a clk device we adjust the function call sequence to fix this issue.\n\n[ 31.261225] BUG: KASAN: use-after-free in macb_remove+0x77/0xc6 [macb_pci]\n[ 31.275563] Freed by task 306:\n[ 30.276782] platform_device_release+0x25/0x80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47372",
"url": "https://www.suse.com/security/cve/CVE-2021-47372"
},
{
"category": "external",
"summary": "SUSE Bug 1225184 for CVE-2021-47372",
"url": "https://bugzilla.suse.com/1225184"
},
{
"category": "external",
"summary": "SUSE Bug 1229946 for CVE-2021-47372",
"url": "https://bugzilla.suse.com/1229946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2021-47372"
},
{
"cve": "CVE-2021-47379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd\n\nKASAN reports a use-after-free report when doing fuzz test:\n\n[693354.104835] ==================================================================\n[693354.105094] BUG: KASAN: use-after-free in bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105336] Read of size 4 at addr ffff888be0a35664 by task sh/1453338\n\n[693354.105607] CPU: 41 PID: 1453338 Comm: sh Kdump: loaded Not tainted 4.18.0-147\n[693354.105610] Hardware name: Huawei 2288H V5/BC11SPSCB0, BIOS 0.81 07/02/2018\n[693354.105612] Call Trace:\n[693354.105621] dump_stack+0xf1/0x19b\n[693354.105626] ? show_regs_print_info+0x5/0x5\n[693354.105634] ? printk+0x9c/0xc3\n[693354.105638] ? cpumask_weight+0x1f/0x1f\n[693354.105648] print_address_description+0x70/0x360\n[693354.105654] kasan_report+0x1b2/0x330\n[693354.105659] ? bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105665] ? bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105670] bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105675] ? bfq_cpd_init+0x20/0x20\n[693354.105683] cgroup_file_write+0x3aa/0x510\n[693354.105693] ? ___slab_alloc+0x507/0x540\n[693354.105698] ? cgroup_file_poll+0x60/0x60\n[693354.105702] ? 0xffffffff89600000\n[693354.105708] ? usercopy_abort+0x90/0x90\n[693354.105716] ? mutex_lock+0xef/0x180\n[693354.105726] kernfs_fop_write+0x1ab/0x280\n[693354.105732] ? cgroup_file_poll+0x60/0x60\n[693354.105738] vfs_write+0xe7/0x230\n[693354.105744] ksys_write+0xb0/0x140\n[693354.105749] ? __ia32_sys_read+0x50/0x50\n[693354.105760] do_syscall_64+0x112/0x370\n[693354.105766] ? syscall_return_slowpath+0x260/0x260\n[693354.105772] ? do_page_fault+0x9b/0x270\n[693354.105779] ? prepare_exit_to_usermode+0xf9/0x1a0\n[693354.105784] ? enter_from_user_mode+0x30/0x30\n[693354.105793] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.105875] Allocated by task 1453337:\n[693354.106001] kasan_kmalloc+0xa0/0xd0\n[693354.106006] kmem_cache_alloc_node_trace+0x108/0x220\n[693354.106010] bfq_pd_alloc+0x96/0x120\n[693354.106015] blkcg_activate_policy+0x1b7/0x2b0\n[693354.106020] bfq_create_group_hierarchy+0x1e/0x80\n[693354.106026] bfq_init_queue+0x678/0x8c0\n[693354.106031] blk_mq_init_sched+0x1f8/0x460\n[693354.106037] elevator_switch_mq+0xe1/0x240\n[693354.106041] elevator_switch+0x25/0x40\n[693354.106045] elv_iosched_store+0x1a1/0x230\n[693354.106049] queue_attr_store+0x78/0xb0\n[693354.106053] kernfs_fop_write+0x1ab/0x280\n[693354.106056] vfs_write+0xe7/0x230\n[693354.106060] ksys_write+0xb0/0x140\n[693354.106064] do_syscall_64+0x112/0x370\n[693354.106069] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.106114] Freed by task 1453336:\n[693354.106225] __kasan_slab_free+0x130/0x180\n[693354.106229] kfree+0x90/0x1b0\n[693354.106233] blkcg_deactivate_policy+0x12c/0x220\n[693354.106238] bfq_exit_queue+0xf5/0x110\n[693354.106241] blk_mq_exit_sched+0x104/0x130\n[693354.106245] __elevator_exit+0x45/0x60\n[693354.106249] elevator_switch_mq+0xd6/0x240\n[693354.106253] elevator_switch+0x25/0x40\n[693354.106257] elv_iosched_store+0x1a1/0x230\n[693354.106261] queue_attr_store+0x78/0xb0\n[693354.106264] kernfs_fop_write+0x1ab/0x280\n[693354.106268] vfs_write+0xe7/0x230\n[693354.106271] ksys_write+0xb0/0x140\n[693354.106275] do_syscall_64+0x112/0x370\n[693354.106280] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.106329] The buggy address belongs to the object at ffff888be0a35580\n which belongs to the cache kmalloc-1k of size 1024\n[693354.106736] The buggy address is located 228 bytes inside of\n 1024-byte region [ffff888be0a35580, ffff888be0a35980)\n[693354.107114] The buggy address belongs to the page:\n[693354.107273] page:ffffea002f828c00 count:1 mapcount:0 mapping:ffff888107c17080 index:0x0 compound_mapcount: 0\n[693354.107606] flags: 0x17ffffc0008100(slab|head)\n[693354.107760] raw: 0017ffffc0008100 ffffea002fcbc808 ffffea0030bd3a08 ffff888107c17080\n[693354.108020] r\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47379",
"url": "https://www.suse.com/security/cve/CVE-2021-47379"
},
{
"category": "external",
"summary": "SUSE Bug 1225203 for CVE-2021-47379",
"url": "https://bugzilla.suse.com/1225203"
},
{
"category": "external",
"summary": "SUSE Bug 1225204 for CVE-2021-47379",
"url": "https://bugzilla.suse.com/1225204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47379"
},
{
"cve": "CVE-2021-47407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Handle SRCU initialization failure during page track init\n\nCheck the return of init_srcu_struct(), which can fail due to OOM, when\ninitializing the page track mechanism. Lack of checking leads to a NULL\npointer deref found by a modified syzkaller.\n\n[Move the call towards the beginning of kvm_arch_init_vm. - Paolo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47407",
"url": "https://www.suse.com/security/cve/CVE-2021-47407"
},
{
"category": "external",
"summary": "SUSE Bug 1225306 for CVE-2021-47407",
"url": "https://bugzilla.suse.com/1225306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47407"
},
{
"cve": "CVE-2021-47418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: fix NULL deref in fifo_set_limit()\n\nsyzbot reported another NULL deref in fifo_set_limit() [1]\n\nI could repro the issue with :\n\nunshare -n\ntc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit\ntc qd replace dev lo parent 1:0 pfifo_fast\ntc qd change dev lo root handle 1:0 tbf limit 300000 burst 70000 rate 100Mbit\n\npfifo_fast does not have a change() operation.\nMake fifo_set_limit() more robust about this.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 1cf99067 P4D 1cf99067 PUD 7ca49067 PMD 0\nOops: 0010 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 14443 Comm: syz-executor959 Not tainted 5.15.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\nRSP: 0018:ffffc9000e2f7310 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffffff8d6ecc00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff888024c27910 RDI: ffff888071e34000\nRBP: ffff888071e34000 R08: 0000000000000001 R09: ffffffff8fcfb947\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888024c27910\nR13: ffff888071e34018 R14: 0000000000000000 R15: ffff88801ef74800\nFS: 00007f321d897700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 00000000722c3000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n fifo_set_limit net/sched/sch_fifo.c:242 [inline]\n fifo_set_limit+0x198/0x210 net/sched/sch_fifo.c:227\n tbf_change+0x6ec/0x16d0 net/sched/sch_tbf.c:418\n qdisc_change net/sched/sch_api.c:1332 [inline]\n tc_modify_qdisc+0xd9a/0x1a60 net/sched/sch_api.c:1634\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5572\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47418",
"url": "https://www.suse.com/security/cve/CVE-2021-47418"
},
{
"category": "external",
"summary": "SUSE Bug 1225337 for CVE-2021-47418",
"url": "https://bugzilla.suse.com/1225337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47418"
},
{
"cve": "CVE-2021-47434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix command ring pointer corruption while aborting a command\n\nThe command ring pointer is located at [6:63] bits of the command\nring control register (CRCR). All the control bits like command stop,\nabort are located at [0:3] bits. While aborting a command, we read the\nCRCR and set the abort bit and write to the CRCR. The read will always\ngive command ring pointer as all zeros. So we essentially write only\nthe control bits. Since we split the 64 bit write into two 32 bit writes,\nthere is a possibility of xHC command ring stopped before the upper\ndword (all zeros) is written. If that happens, xHC updates the upper\ndword of its internal command ring pointer with all zeros. Next time,\nwhen the command ring is restarted, we see xHC memory access failures.\nFix this issue by only writing to the lower dword of CRCR where all\ncontrol bits are located.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47434",
"url": "https://www.suse.com/security/cve/CVE-2021-47434"
},
{
"category": "external",
"summary": "SUSE Bug 1225232 for CVE-2021-47434",
"url": "https://bugzilla.suse.com/1225232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47434"
},
{
"cve": "CVE-2021-47445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null pointer dereference on pointer edp\n\nThe initialization of pointer dev dereferences pointer edp before\nedp is null checked, so there is a potential null pointer deference\nissue. Fix this by only dereferencing edp after edp has been null\nchecked.\n\nAddresses-Coverity: (\"Dereference before null check\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47445",
"url": "https://www.suse.com/security/cve/CVE-2021-47445"
},
{
"category": "external",
"summary": "SUSE Bug 1225261 for CVE-2021-47445",
"url": "https://bugzilla.suse.com/1225261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47445"
},
{
"cve": "CVE-2021-47518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done\n\nThe done() netlink callback nfc_genl_dump_ses_done() should check if\nreceived argument is non-NULL, because its allocation could fail earlier\nin dumpit() (nfc_genl_dump_ses()).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47518",
"url": "https://www.suse.com/security/cve/CVE-2021-47518"
},
{
"category": "external",
"summary": "SUSE Bug 1225372 for CVE-2021-47518",
"url": "https://bugzilla.suse.com/1225372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47518"
},
{
"cve": "CVE-2021-47544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47544",
"url": "https://www.suse.com/security/cve/CVE-2021-47544"
},
{
"category": "external",
"summary": "SUSE Bug 1225463 for CVE-2021-47544",
"url": "https://bugzilla.suse.com/1225463"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47544"
},
{
"cve": "CVE-2021-47566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc/vmcore: fix clearing user buffer by properly using clear_user()\n\nTo clear a user buffer we cannot simply use memset, we have to use\nclear_user(). With a virtio-mem device that registers a vmcore_cb and\nhas some logically unplugged memory inside an added Linux memory block,\nI can easily trigger a BUG by copying the vmcore via \"cp\":\n\n systemd[1]: Starting Kdump Vmcore Save Service...\n kdump[420]: Kdump is using the default log level(3).\n kdump[453]: saving to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[458]: saving vmcore-dmesg.txt to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[465]: saving vmcore-dmesg.txt complete\n kdump[467]: saving vmcore\n BUG: unable to handle page fault for address: 00007f2374e01000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0003) - permissions violation\n PGD 7a523067 P4D 7a523067 PUD 7a528067 PMD 7a525067 PTE 800000007048f867\n Oops: 0003 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 468 Comm: cp Not tainted 5.15.0+ #6\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.14.0-27-g64f37cc530f1-prebuilt.qemu.org 04/01/2014\n RIP: 0010:read_from_oldmem.part.0.cold+0x1d/0x86\n Code: ff ff ff e8 05 ff fe ff e9 b9 e9 7f ff 48 89 de 48 c7 c7 38 3b 60 82 e8 f1 fe fe ff 83 fd 08 72 3c 49 8d 7d 08 4c 89 e9 89 e8 \u003c49\u003e c7 45 00 00 00 00 00 49 c7 44 05 f8 00 00 00 00 48 83 e7 f81\n RSP: 0018:ffffc9000073be08 EFLAGS: 00010212\n RAX: 0000000000001000 RBX: 00000000002fd000 RCX: 00007f2374e01000\n RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00007f2374e01008\n RBP: 0000000000001000 R08: 0000000000000000 R09: ffffc9000073bc50\n R10: ffffc9000073bc48 R11: ffffffff829461a8 R12: 000000000000f000\n R13: 00007f2374e01000 R14: 0000000000000000 R15: ffff88807bd421e8\n FS: 00007f2374e12140(0000) GS:ffff88807f000000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2374e01000 CR3: 000000007a4aa000 CR4: 0000000000350eb0\n Call Trace:\n read_vmcore+0x236/0x2c0\n proc_reg_read+0x55/0xa0\n vfs_read+0x95/0x190\n ksys_read+0x4f/0xc0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nSome x86-64 CPUs have a CPU feature called \"Supervisor Mode Access\nPrevention (SMAP)\", which is used to detect wrong access from the kernel\nto user buffers like this: SMAP triggers a permissions violation on\nwrong access. In the x86-64 variant of clear_user(), SMAP is properly\nhandled via clac()+stac().\n\nTo fix, properly use clear_user() when we\u0027re dealing with a user buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47566",
"url": "https://www.suse.com/security/cve/CVE-2021-47566"
},
{
"category": "external",
"summary": "SUSE Bug 1225514 for CVE-2021-47566",
"url": "https://bugzilla.suse.com/1225514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47566"
},
{
"cve": "CVE-2021-47571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()\n\nThe free_rtllib() function frees the \"dev\" pointer so there is use\nafter free on the next line. Re-arrange things to avoid that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47571",
"url": "https://www.suse.com/security/cve/CVE-2021-47571"
},
{
"category": "external",
"summary": "SUSE Bug 1225518 for CVE-2021-47571",
"url": "https://bugzilla.suse.com/1225518"
},
{
"category": "external",
"summary": "SUSE Bug 1227551 for CVE-2021-47571",
"url": "https://bugzilla.suse.com/1227551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2021-47571"
},
{
"cve": "CVE-2021-47576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()\n\nIn resp_mode_select() sanity check the block descriptor len to avoid UAF.\n\nBUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\nRead of size 1 at addr ffff888026670f50 by task scsicmd/15032\n\nCPU: 1 PID: 15032 Comm: scsicmd Not tainted 5.15.0-01d0625 #15\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:107\n print_address_description.constprop.9+0x28/0x160 mm/kasan/report.c:257\n kasan_report.cold.14+0x7d/0x117 mm/kasan/report.c:443\n __asan_report_load1_noabort+0x14/0x20 mm/kasan/report_generic.c:306\n resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\n schedule_resp+0x4af/0x1a10 drivers/scsi/scsi_debug.c:5483\n scsi_debug_queuecommand+0x8c9/0x1e70 drivers/scsi/scsi_debug.c:7537\n scsi_queue_rq+0x16b4/0x2d10 drivers/scsi/scsi_lib.c:1521\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1640\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1762\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1839\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:63\n sg_common_write.isra.18+0xeb3/0x2000 drivers/scsi/sg.c:837\n sg_new_write.isra.19+0x570/0x8c0 drivers/scsi/sg.c:775\n sg_ioctl_common+0x14d6/0x2710 drivers/scsi/sg.c:941\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1166\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:52\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe+0x44/0xae arch/x86/entry/entry_64.S:113",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47576",
"url": "https://www.suse.com/security/cve/CVE-2021-47576"
},
{
"category": "external",
"summary": "SUSE Bug 1226537 for CVE-2021-47576",
"url": "https://bugzilla.suse.com/1226537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "low"
}
],
"title": "CVE-2021-47576"
},
{
"cve": "CVE-2021-47587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: Add global locking for descriptor lifecycle\n\nThe descriptor list is a shared resource across all of the transmit queues, and\nthe locking mechanism used today only protects concurrency across a given\ntransmit queue between the transmit and reclaiming. This creates an opportunity\nfor the SYSTEMPORT hardware to work on corrupted descriptors if we have\nmultiple producers at once which is the case when using multiple transmit\nqueues.\n\nThis was particularly noticeable when using multiple flows/transmit queues and\nit showed up in interesting ways in that UDP packets would get a correct UDP\nheader checksum being calculated over an incorrect packet length. Similarly TCP\npackets would get an equally correct checksum computed by the hardware over an\nincorrect packet length.\n\nThe SYSTEMPORT hardware maintains an internal descriptor list that it re-arranges\nwhen the driver produces a new descriptor anytime it writes to the\nWRITE_PORT_{HI,LO} registers, there is however some delay in the hardware to\nre-organize its descriptors and it is possible that concurrent TX queues\neventually break this internal allocation scheme to the point where the\nlength/status part of the descriptor gets used for an incorrect data buffer.\n\nThe fix is to impose a global serialization for all TX queues in the short\nsection where we are writing to the WRITE_PORT_{HI,LO} registers which solves\nthe corruption even with multiple concurrent TX queues being used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47587",
"url": "https://www.suse.com/security/cve/CVE-2021-47587"
},
{
"category": "external",
"summary": "SUSE Bug 1226567 for CVE-2021-47587",
"url": "https://bugzilla.suse.com/1226567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47587"
},
{
"cve": "CVE-2021-47589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47589"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigbvf: fix double free in `igbvf_probe`\n\nIn `igbvf_probe`, if register_netdev() fails, the program will go to\nlabel err_hw_init, and then to label err_ioremap. In free_netdev() which\nis just below label err_ioremap, there is `list_for_each_entry_safe` and\n`netif_napi_del` which aims to delete all entries in `dev-\u003enapi_list`.\nThe program has added an entry `adapter-\u003erx_ring-\u003enapi` which is added by\n`netif_napi_add` in igbvf_alloc_queues(). However, adapter-\u003erx_ring has\nbeen freed below label err_hw_init. So this a UAF.\n\nIn terms of how to patch the problem, we can refer to igbvf_remove() and\ndelete the entry before `adapter-\u003erx_ring`.\n\nThe KASAN logs are as follows:\n\n[ 35.126075] BUG: KASAN: use-after-free in free_netdev+0x1fd/0x450\n[ 35.127170] Read of size 8 at addr ffff88810126d990 by task modprobe/366\n[ 35.128360]\n[ 35.128643] CPU: 1 PID: 366 Comm: modprobe Not tainted 5.15.0-rc2+ #14\n[ 35.129789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 35.131749] Call Trace:\n[ 35.132199] dump_stack_lvl+0x59/0x7b\n[ 35.132865] print_address_description+0x7c/0x3b0\n[ 35.133707] ? free_netdev+0x1fd/0x450\n[ 35.134378] __kasan_report+0x160/0x1c0\n[ 35.135063] ? free_netdev+0x1fd/0x450\n[ 35.135738] kasan_report+0x4b/0x70\n[ 35.136367] free_netdev+0x1fd/0x450\n[ 35.137006] igbvf_probe+0x121d/0x1a10 [igbvf]\n[ 35.137808] ? igbvf_vlan_rx_add_vid+0x100/0x100 [igbvf]\n[ 35.138751] local_pci_probe+0x13c/0x1f0\n[ 35.139461] pci_device_probe+0x37e/0x6c0\n[ 35.165526]\n[ 35.165806] Allocated by task 366:\n[ 35.166414] ____kasan_kmalloc+0xc4/0xf0\n[ 35.167117] foo_kmem_cache_alloc_trace+0x3c/0x50 [igbvf]\n[ 35.168078] igbvf_probe+0x9c5/0x1a10 [igbvf]\n[ 35.168866] local_pci_probe+0x13c/0x1f0\n[ 35.169565] pci_device_probe+0x37e/0x6c0\n[ 35.179713]\n[ 35.179993] Freed by task 366:\n[ 35.180539] kasan_set_track+0x4c/0x80\n[ 35.181211] kasan_set_free_info+0x1f/0x40\n[ 35.181942] ____kasan_slab_free+0x103/0x140\n[ 35.182703] kfree+0xe3/0x250\n[ 35.183239] igbvf_probe+0x1173/0x1a10 [igbvf]\n[ 35.184040] local_pci_probe+0x13c/0x1f0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47589",
"url": "https://www.suse.com/security/cve/CVE-2021-47589"
},
{
"category": "external",
"summary": "SUSE Bug 1226557 for CVE-2021-47589",
"url": "https://bugzilla.suse.com/1226557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47589"
},
{
"cve": "CVE-2021-47600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: fix use after free in rebalance_children()\n\nMove dm_tm_unlock() after dm_tm_dec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47600",
"url": "https://www.suse.com/security/cve/CVE-2021-47600"
},
{
"category": "external",
"summary": "SUSE Bug 1226575 for CVE-2021-47600",
"url": "https://bugzilla.suse.com/1226575"
},
{
"category": "external",
"summary": "SUSE Bug 1227472 for CVE-2021-47600",
"url": "https://bugzilla.suse.com/1227472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2021-47600"
},
{
"cve": "CVE-2021-47602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: track only QoS data frames for admission control\n\nFor admission control, obviously all of that only works for\nQoS data frames, otherwise we cannot even access the QoS\nfield in the header.\n\nSyzbot reported (see below) an uninitialized value here due\nto a status of a non-QoS nullfunc packet, which isn\u0027t even\nlong enough to contain the QoS header.\n\nFix this to only do anything for QoS data packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47602",
"url": "https://www.suse.com/security/cve/CVE-2021-47602"
},
{
"category": "external",
"summary": "SUSE Bug 1226554 for CVE-2021-47602",
"url": "https://bugzilla.suse.com/1226554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47602"
},
{
"cve": "CVE-2021-47603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: improve robustness of the audit queue handling\n\nIf the audit daemon were ever to get stuck in a stopped state the\nkernel\u0027s kauditd_thread() could get blocked attempting to send audit\nrecords to the userspace audit daemon. With the kernel thread\nblocked it is possible that the audit queue could grow unbounded as\ncertain audit record generating events must be exempt from the queue\nlimits else the system enter a deadlock state.\n\nThis patch resolves this problem by lowering the kernel thread\u0027s\nsocket sending timeout from MAX_SCHEDULE_TIMEOUT to HZ/10 and tweaks\nthe kauditd_send_queue() function to better manage the various audit\nqueues when connection problems occur between the kernel and the\naudit daemon. With this patch, the backlog may temporarily grow\nbeyond the defined limits when the audit daemon is stopped and the\nsystem is under heavy audit pressure, but kauditd_thread() will\ncontinue to make progress and drain the queues as it would for other\nconnection problems. For example, with the audit daemon put into a\nstopped state and the system configured to audit every syscall it\nwas still possible to shutdown the system without a kernel panic,\ndeadlock, etc.; granted, the system was slow to shutdown but that is\nto be expected given the extreme pressure of recording every syscall.\n\nThe timeout value of HZ/10 was chosen primarily through\nexperimentation and this developer\u0027s \"gut feeling\". There is likely\nno one perfect value, but as this scenario is limited in scope (root\nprivileges would be needed to send SIGSTOP to the audit daemon), it\nis likely not worth exposing this as a tunable at present. This can\nalways be done at a later date if it proves necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47603",
"url": "https://www.suse.com/security/cve/CVE-2021-47603"
},
{
"category": "external",
"summary": "SUSE Bug 1226577 for CVE-2021-47603",
"url": "https://bugzilla.suse.com/1226577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47603"
},
{
"cve": "CVE-2021-47609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Fix string overflow in SCPI genpd driver\n\nWithout the bound checks for scpi_pd-\u003ename, it could result in the buffer\noverflow when copying the SCPI device name from the corresponding device\ntree node as the name string is set at maximum size of 30.\n\nLet us fix it by using devm_kasprintf so that the string buffer is\nallocated dynamically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47609",
"url": "https://www.suse.com/security/cve/CVE-2021-47609"
},
{
"category": "external",
"summary": "SUSE Bug 1226562 for CVE-2021-47609",
"url": "https://bugzilla.suse.com/1226562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47609"
},
{
"cve": "CVE-2021-47617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp\u0027s power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47617",
"url": "https://www.suse.com/security/cve/CVE-2021-47617"
},
{
"category": "external",
"summary": "SUSE Bug 1226614 for CVE-2021-47617",
"url": "https://bugzilla.suse.com/1226614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47617"
},
{
"cve": "CVE-2022-0435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0435"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow flaw was found in the Linux kernel\u0027s TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0435",
"url": "https://www.suse.com/security/cve/CVE-2022-0435"
},
{
"category": "external",
"summary": "SUSE Bug 1195254 for CVE-2022-0435",
"url": "https://bugzilla.suse.com/1195254"
},
{
"category": "external",
"summary": "SUSE Bug 1195308 for CVE-2022-0435",
"url": "https://bugzilla.suse.com/1195308"
},
{
"category": "external",
"summary": "SUSE Bug 1226672 for CVE-2022-0435",
"url": "https://bugzilla.suse.com/1226672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2022-0435"
},
{
"cve": "CVE-2022-22942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-22942"
}
],
"notes": [
{
"category": "general",
"text": "The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling \u0027file\u0027 pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-22942",
"url": "https://www.suse.com/security/cve/CVE-2022-22942"
},
{
"category": "external",
"summary": "SUSE Bug 1195065 for CVE-2022-22942",
"url": "https://bugzilla.suse.com/1195065"
},
{
"category": "external",
"summary": "SUSE Bug 1195951 for CVE-2022-22942",
"url": "https://bugzilla.suse.com/1195951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2022-22942"
},
{
"cve": "CVE-2022-48711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: improve size validations for received domain records\n\nThe function tipc_mon_rcv() allows a node to receive and process\ndomain_record structs from peer nodes to track their views of the\nnetwork topology.\n\nThis patch verifies that the number of members in a received domain\nrecord does not exceed the limit defined by MAX_MON_DOMAIN, something\nthat may otherwise lead to a stack overflow.\n\ntipc_mon_rcv() is called from the function tipc_link_proto_rcv(), where\nwe are reading a 32 bit message data length field into a uint16. To\navert any risk of bit overflow, we add an extra sanity check for this in\nthat function. We cannot see that happen with the current code, but\nfuture designers being unaware of this risk, may introduce it by\nallowing delivery of very large (\u003e 64k) sk buffers from the bearer\nlayer. This potential problem was identified by Eric Dumazet.\n\nThis fixes CVE-2022-0435",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48711",
"url": "https://www.suse.com/security/cve/CVE-2022-48711"
},
{
"category": "external",
"summary": "SUSE Bug 1226672 for CVE-2022-48711",
"url": "https://bugzilla.suse.com/1226672"
},
{
"category": "external",
"summary": "SUSE Bug 1227473 for CVE-2022-48711",
"url": "https://bugzilla.suse.com/1227473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2022-48711"
},
{
"cve": "CVE-2022-48715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Make bnx2fc_recv_frame() mp safe\n\nRunning tests with a debug kernel shows that bnx2fc_recv_frame() is\nmodifying the per_cpu lport stats counters in a non-mpsafe way. Just boot\na debug kernel and run the bnx2fc driver with the hardware enabled.\n\n[ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_\n[ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B\n[ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n[ 1391.699183] Call Trace:\n[ 1391.699188] dump_stack_lvl+0x57/0x7d\n[ 1391.699198] check_preemption_disabled+0xc8/0xd0\n[ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180\n[ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc]\n[ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc]\n[ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc]\n[ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc]\n[ 1391.699258] kthread+0x364/0x420\n[ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50\n[ 1391.699268] ? set_kthread_struct+0x100/0x100\n[ 1391.699273] ret_from_fork+0x22/0x30\n\nRestore the old get_cpu/put_cpu code with some modifications to reduce the\nsize of the critical section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48715",
"url": "https://www.suse.com/security/cve/CVE-2022-48715"
},
{
"category": "external",
"summary": "SUSE Bug 1226621 for CVE-2022-48715",
"url": "https://bugzilla.suse.com/1226621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "low"
}
],
"title": "CVE-2022-48715"
},
{
"cve": "CVE-2022-48722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb\u0027s\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48722",
"url": "https://www.suse.com/security/cve/CVE-2022-48722"
},
{
"category": "external",
"summary": "SUSE Bug 1226619 for CVE-2022-48722",
"url": "https://bugzilla.suse.com/1226619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48722"
},
{
"cve": "CVE-2022-48732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac\u0027s with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48732",
"url": "https://www.suse.com/security/cve/CVE-2022-48732"
},
{
"category": "external",
"summary": "SUSE Bug 1226716 for CVE-2022-48732",
"url": "https://bugzilla.suse.com/1226716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48732"
},
{
"cve": "CVE-2022-48733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free after failure to create a snapshot\n\nAt ioctl.c:create_snapshot(), we allocate a pending snapshot structure and\nthen attach it to the transaction\u0027s list of pending snapshots. After that\nwe call btrfs_commit_transaction(), and if that returns an error we jump\nto \u0027fail\u0027 label, where we kfree() the pending snapshot structure. This can\nresult in a later use-after-free of the pending snapshot:\n\n1) We allocated the pending snapshot and added it to the transaction\u0027s\n list of pending snapshots;\n\n2) We call btrfs_commit_transaction(), and it fails either at the first\n call to btrfs_run_delayed_refs() or btrfs_start_dirty_block_groups().\n In both cases, we don\u0027t abort the transaction and we release our\n transaction handle. We jump to the \u0027fail\u0027 label and free the pending\n snapshot structure. We return with the pending snapshot still in the\n transaction\u0027s list;\n\n3) Another task commits the transaction. This time there\u0027s no error at\n all, and then during the transaction commit it accesses a pointer\n to the pending snapshot structure that the snapshot creation task\n has already freed, resulting in a user-after-free.\n\nThis issue could actually be detected by smatch, which produced the\nfollowing warning:\n\n fs/btrfs/ioctl.c:843 create_snapshot() warn: \u0027\u0026pending_snapshot-\u003elist\u0027 not removed from list\n\nSo fix this by not having the snapshot creation ioctl directly add the\npending snapshot to the transaction\u0027s list. Instead add the pending\nsnapshot to the transaction handle, and then at btrfs_commit_transaction()\nwe add the snapshot to the list only when we can guarantee that any error\nreturned after that point will result in a transaction abort, in which\ncase the ioctl code can safely free the pending snapshot and no one can\naccess it anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48733",
"url": "https://www.suse.com/security/cve/CVE-2022-48733"
},
{
"category": "external",
"summary": "SUSE Bug 1226718 for CVE-2022-48733",
"url": "https://bugzilla.suse.com/1226718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48733"
},
{
"cve": "CVE-2022-48740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix double free of cond_list on error paths\n\nOn error path from cond_read_list() and duplicate_policydb_cond_list()\nthe cond_list_destroy() gets called a second time in caller functions,\nresulting in NULL pointer deref. Fix this by resetting the\ncond_list_len to 0 in cond_list_destroy(), making subsequent calls a\nnoop.\n\nAlso consistently reset the cond_list pointer to NULL after freeing.\n\n[PM: fix line lengths in the description]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48740",
"url": "https://www.suse.com/security/cve/CVE-2022-48740"
},
{
"category": "external",
"summary": "SUSE Bug 1226699 for CVE-2022-48740",
"url": "https://bugzilla.suse.com/1226699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48740"
},
{
"cve": "CVE-2022-48743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48743",
"url": "https://www.suse.com/security/cve/CVE-2022-48743"
},
{
"category": "external",
"summary": "SUSE Bug 1226705 for CVE-2022-48743",
"url": "https://bugzilla.suse.com/1226705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48743"
},
{
"cve": "CVE-2022-48754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphylib: fix potential use-after-free\n\nCommit bafbdd527d56 (\"phylib: Add device reset GPIO support\") added call\nto phy_device_reset(phydev) after the put_device() call in phy_detach().\n\nThe comment before the put_device() call says that the phydev might go\naway with put_device().\n\nFix potential use-after-free by calling phy_device_reset() before\nput_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48754",
"url": "https://www.suse.com/security/cve/CVE-2022-48754"
},
{
"category": "external",
"summary": "SUSE Bug 1226692 for CVE-2022-48754",
"url": "https://bugzilla.suse.com/1226692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48754"
},
{
"cve": "CVE-2022-48756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48756",
"url": "https://www.suse.com/security/cve/CVE-2022-48756"
},
{
"category": "external",
"summary": "SUSE Bug 1226698 for CVE-2022-48756",
"url": "https://bugzilla.suse.com/1226698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48756"
},
{
"cve": "CVE-2022-48758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port\u0027s destroy_work queue. It\u0027s not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w \u0026\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group \u0027power\u0027 not found for kobject \u0027rport-2:0-0\u0027\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48758",
"url": "https://www.suse.com/security/cve/CVE-2022-48758"
},
{
"category": "external",
"summary": "SUSE Bug 1226708 for CVE-2022-48758",
"url": "https://bugzilla.suse.com/1226708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48758"
},
{
"cve": "CVE-2022-48759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev\n\nstruct rpmsg_ctrldev contains a struct cdev. The current code frees\nthe rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the\ncdev is a managed object, therefore its release is not predictable\nand the rpmsg_ctrldev could be freed before the cdev is entirely\nreleased, as in the backtrace below.\n\n[ 93.625603] ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x7c\n[ 93.636115] WARNING: CPU: 0 PID: 12 at lib/debugobjects.c:488 debug_print_object+0x13c/0x1b0\n[ 93.644799] Modules linked in: veth xt_cgroup xt_MASQUERADE rfcomm algif_hash algif_skcipher af_alg uinput ip6table_nat fuse uvcvideo videobuf2_vmalloc venus_enc venus_dec videobuf2_dma_contig hci_uart btandroid btqca snd_soc_rt5682_i2c bluetooth qcom_spmi_temp_alarm snd_soc_rt5682v\n[ 93.715175] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 5.4.163-lockdep #26\n[ 93.723855] Hardware name: Google Lazor (rev3 - 8) with LTE (DT)\n[ 93.730055] Workqueue: events kobject_delayed_cleanup\n[ 93.735271] pstate: 60c00009 (nZCv daif +PAN +UAO)\n[ 93.740216] pc : debug_print_object+0x13c/0x1b0\n[ 93.744890] lr : debug_print_object+0x13c/0x1b0\n[ 93.749555] sp : ffffffacf5bc7940\n[ 93.752978] x29: ffffffacf5bc7940 x28: dfffffd000000000\n[ 93.758448] x27: ffffffacdb11a800 x26: dfffffd000000000\n[ 93.763916] x25: ffffffd0734f856c x24: dfffffd000000000\n[ 93.769389] x23: 0000000000000000 x22: ffffffd0733c35b0\n[ 93.774860] x21: ffffffd0751994a0 x20: ffffffd075ec27c0\n[ 93.780338] x19: ffffffd075199100 x18: 00000000000276e0\n[ 93.785814] x17: 0000000000000000 x16: dfffffd000000000\n[ 93.791291] x15: ffffffffffffffff x14: 6e6968207473696c\n[ 93.796768] x13: 0000000000000000 x12: ffffffd075e2b000\n[ 93.802244] x11: 0000000000000001 x10: 0000000000000000\n[ 93.807723] x9 : d13400dff1921900 x8 : d13400dff1921900\n[ 93.813200] x7 : 0000000000000000 x6 : 0000000000000000\n[ 93.818676] x5 : 0000000000000080 x4 : 0000000000000000\n[ 93.824152] x3 : ffffffd0732a0fa4 x2 : 0000000000000001\n[ 93.829628] x1 : ffffffacf5bc7580 x0 : 0000000000000061\n[ 93.835104] Call trace:\n[ 93.837644] debug_print_object+0x13c/0x1b0\n[ 93.841963] __debug_check_no_obj_freed+0x25c/0x3c0\n[ 93.846987] debug_check_no_obj_freed+0x18/0x20\n[ 93.851669] slab_free_freelist_hook+0xbc/0x1e4\n[ 93.856346] kfree+0xfc/0x2f4\n[ 93.859416] rpmsg_ctrldev_release_device+0x78/0xb8\n[ 93.864445] device_release+0x84/0x168\n[ 93.868310] kobject_cleanup+0x12c/0x298\n[ 93.872356] kobject_delayed_cleanup+0x10/0x18\n[ 93.876948] process_one_work+0x578/0x92c\n[ 93.881086] worker_thread+0x804/0xcf8\n[ 93.884963] kthread+0x2a8/0x314\n[ 93.888303] ret_from_fork+0x10/0x18\n\nThe cdev_device_add/del() API was created to address this issue (see\ncommit \u0027233ed09d7fda (\"chardev: add helper function to register char\ndevs with a struct device\")\u0027), use it instead of cdev add/del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48759",
"url": "https://www.suse.com/security/cve/CVE-2022-48759"
},
{
"category": "external",
"summary": "SUSE Bug 1226711 for CVE-2022-48759",
"url": "https://bugzilla.suse.com/1226711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48759"
},
{
"cve": "CVE-2022-48760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix hang in usb_kill_urb by adding memory barriers\n\nThe syzbot fuzzer has identified a bug in which processes hang waiting\nfor usb_kill_urb() to return. It turns out the issue is not unlinking\nthe URB; that works just fine. Rather, the problem arises when the\nwakeup notification that the URB has completed is not received.\n\nThe reason is memory-access ordering on SMP systems. In outline form,\nusb_kill_urb() and __usb_hcd_giveback_urb() operating concurrently on\ndifferent CPUs perform the following actions:\n\nCPU 0\t\t\t\t\tCPU 1\n----------------------------\t\t---------------------------------\nusb_kill_urb():\t\t\t\t__usb_hcd_giveback_urb():\n ...\t\t\t\t\t ...\n atomic_inc(\u0026urb-\u003ereject);\t\t atomic_dec(\u0026urb-\u003euse_count);\n ...\t\t\t\t\t ...\n wait_event(usb_kill_urb_queue,\n\tatomic_read(\u0026urb-\u003euse_count) == 0);\n\t\t\t\t\t if (atomic_read(\u0026urb-\u003ereject))\n\t\t\t\t\t\twake_up(\u0026usb_kill_urb_queue);\n\nConfining your attention to urb-\u003ereject and urb-\u003euse_count, you can\nsee that the overall pattern of accesses on CPU 0 is:\n\n\twrite urb-\u003ereject, then read urb-\u003euse_count;\n\nwhereas the overall pattern of accesses on CPU 1 is:\n\n\twrite urb-\u003euse_count, then read urb-\u003ereject.\n\nThis pattern is referred to in memory-model circles as SB (for \"Store\nBuffering\"), and it is well known that without suitable enforcement of\nthe desired order of accesses -- in the form of memory barriers -- it\nis entirely possible for one or both CPUs to execute their reads ahead\nof their writes. The end result will be that sometimes CPU 0 sees the\nold un-decremented value of urb-\u003euse_count while CPU 1 sees the old\nun-incremented value of urb-\u003ereject. Consequently CPU 0 ends up on\nthe wait queue and never gets woken up, leading to the observed hang\nin usb_kill_urb().\n\nThe same pattern of accesses occurs in usb_poison_urb() and the\nfailure pathway of usb_hcd_submit_urb().\n\nThe problem is fixed by adding suitable memory barriers. To provide\nproper memory-access ordering in the SB pattern, a full barrier is\nrequired on both CPUs. The atomic_inc() and atomic_dec() accesses\nthemselves don\u0027t provide any memory ordering, but since they are\npresent, we can use the optimized smp_mb__after_atomic() memory\nbarrier in the various routines to obtain the desired effect.\n\nThis patch adds the necessary memory barriers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48760",
"url": "https://www.suse.com/security/cve/CVE-2022-48760"
},
{
"category": "external",
"summary": "SUSE Bug 1226712 for CVE-2022-48760",
"url": "https://bugzilla.suse.com/1226712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48760"
},
{
"cve": "CVE-2022-48761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci-plat: fix crash when suspend if remote wake enable\n\nCrashed at i.mx8qm platform when suspend if enable remote wakeup\n\nInternal error: synchronous external abort: 96000210 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 PID: 244 Comm: kworker/u12:6 Not tainted 5.15.5-dirty #12\nHardware name: Freescale i.MX8QM MEK (DT)\nWorkqueue: events_unbound async_run_entry_fn\npstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : xhci_disable_hub_port_wake.isra.62+0x60/0xf8\nlr : xhci_disable_hub_port_wake.isra.62+0x34/0xf8\nsp : ffff80001394bbf0\nx29: ffff80001394bbf0 x28: 0000000000000000 x27: ffff00081193b578\nx26: ffff00081193b570 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff00081193a29c x22: 0000000000020001 x21: 0000000000000001\nx20: 0000000000000000 x19: ffff800014e90490 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000000 x13: 0000000000000002 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000960 x9 : ffff80001394baa0\nx8 : ffff0008145d1780 x7 : ffff0008f95b8e80 x6 : 000000001853b453\nx5 : 0000000000000496 x4 : 0000000000000000 x3 : ffff00081193a29c\nx2 : 0000000000000001 x1 : 0000000000000000 x0 : ffff000814591620\nCall trace:\n xhci_disable_hub_port_wake.isra.62+0x60/0xf8\n xhci_suspend+0x58/0x510\n xhci_plat_suspend+0x50/0x78\n platform_pm_suspend+0x2c/0x78\n dpm_run_callback.isra.25+0x50/0xe8\n __device_suspend+0x108/0x3c0\n\nThe basic flow:\n\t1. run time suspend call xhci_suspend, xhci parent devices gate the clock.\n 2. echo mem \u003e/sys/power/state, system _device_suspend call xhci_suspend\n 3. xhci_suspend call xhci_disable_hub_port_wake, which access register,\n\t but clock already gated by run time suspend.\n\nThis problem was hidden by power domain driver, which call run time resume before it.\n\nBut the below commit remove it and make this issue happen.\n\tcommit c1df456d0f06e (\"PM: domains: Don\u0027t runtime resume devices at genpd_prepare()\")\n\nThis patch call run time resume before suspend to make sure clock is on\nbefore access register.\n\nTesteb-by: Abel Vesa \u003cabel.vesa@nxp.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48761",
"url": "https://www.suse.com/security/cve/CVE-2022-48761"
},
{
"category": "external",
"summary": "SUSE Bug 1226701 for CVE-2022-48761",
"url": "https://bugzilla.suse.com/1226701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48761"
},
{
"cve": "CVE-2022-48771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix stale file descriptors on failed usercopy\n\nA failing usercopy of the fence_rep object will lead to a stale entry in\nthe file descriptor table as put_unused_fd() won\u0027t release it. This\nenables userland to refer to a dangling \u0027file\u0027 object through that still\nvalid file descriptor, leading to all kinds of use-after-free\nexploitation scenarios.\n\nFix this by deferring the call to fd_install() until after the usercopy\nhas succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48771",
"url": "https://www.suse.com/security/cve/CVE-2022-48771"
},
{
"category": "external",
"summary": "SUSE Bug 1226732 for CVE-2022-48771",
"url": "https://bugzilla.suse.com/1226732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48771"
},
{
"cve": "CVE-2022-48772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] \u003cTASK\u003e\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48772",
"url": "https://www.suse.com/security/cve/CVE-2022-48772"
},
{
"category": "external",
"summary": "SUSE Bug 1226976 for CVE-2022-48772",
"url": "https://bugzilla.suse.com/1226976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2022-48772"
},
{
"cve": "CVE-2023-24023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24023"
}
],
"notes": [
{
"category": "general",
"text": "Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24023",
"url": "https://www.suse.com/security/cve/CVE-2023-24023"
},
{
"category": "external",
"summary": "SUSE Bug 1218148 for CVE-2023-24023",
"url": "https://bugzilla.suse.com/1218148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-24023"
},
{
"cve": "CVE-2023-52622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) ~ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52622",
"url": "https://www.suse.com/security/cve/CVE-2023-52622"
},
{
"category": "external",
"summary": "SUSE Bug 1222080 for CVE-2023-52622",
"url": "https://bugzilla.suse.com/1222080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52622"
},
{
"cve": "CVE-2023-52675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/imc-pmu: Add a null pointer check in update_events_in_group()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52675",
"url": "https://www.suse.com/security/cve/CVE-2023-52675"
},
{
"category": "external",
"summary": "SUSE Bug 1224504 for CVE-2023-52675",
"url": "https://bugzilla.suse.com/1224504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52675"
},
{
"cve": "CVE-2023-52737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52737"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: lock the inode in shared mode before starting fiemap\n\nCurrently fiemap does not take the inode\u0027s lock (VFS lock), it only locks\na file range in the inode\u0027s io tree. This however can lead to a deadlock\nif we have a concurrent fsync on the file and fiemap code triggers a fault\nwhen accessing the user space buffer with fiemap_fill_next_extent(). The\ndeadlock happens on the inode\u0027s i_mmap_lock semaphore, which is taken both\nby fsync and btrfs_page_mkwrite(). This deadlock was recently reported by\nsyzbot and triggers a trace like the following:\n\n task:syz-executor361 state:D stack:20264 pid:5668 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n wait_on_state fs/btrfs/extent-io-tree.c:707 [inline]\n wait_extent_bit+0x577/0x6f0 fs/btrfs/extent-io-tree.c:751\n lock_extent+0x1c2/0x280 fs/btrfs/extent-io-tree.c:1742\n find_lock_delalloc_range+0x4e6/0x9c0 fs/btrfs/extent_io.c:488\n writepage_delalloc+0x1ef/0x540 fs/btrfs/extent_io.c:1863\n __extent_writepage+0x736/0x14e0 fs/btrfs/extent_io.c:2174\n extent_write_cache_pages+0x983/0x1220 fs/btrfs/extent_io.c:3091\n extent_writepages+0x219/0x540 fs/btrfs/extent_io.c:3211\n do_writepages+0x3c3/0x680 mm/page-writeback.c:2581\n filemap_fdatawrite_wbc+0x11e/0x170 mm/filemap.c:388\n __filemap_fdatawrite_range mm/filemap.c:421 [inline]\n filemap_fdatawrite_range+0x175/0x200 mm/filemap.c:439\n btrfs_fdatawrite_range fs/btrfs/file.c:3850 [inline]\n start_ordered_ops fs/btrfs/file.c:1737 [inline]\n btrfs_sync_file+0x4ff/0x1190 fs/btrfs/file.c:1839\n generic_write_sync include/linux/fs.h:2885 [inline]\n btrfs_do_write_iter+0xcd3/0x1280 fs/btrfs/file.c:1684\n call_write_iter include/linux/fs.h:2189 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x7dc/0xc50 fs/read_write.c:584\n ksys_write+0x177/0x2a0 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f7d4054e9b9\n RSP: 002b:00007f7d404fa2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n RAX: ffffffffffffffda RBX: 00007f7d405d87a0 RCX: 00007f7d4054e9b9\n RDX: 0000000000000090 RSI: 0000000020000000 RDI: 0000000000000006\n RBP: 00007f7d405a51d0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 61635f65646f6e69\n R13: 65646f7475616f6e R14: 7261637369646f6e R15: 00007f7d405d87a8\n \u003c/TASK\u003e\n INFO: task syz-executor361:5697 blocked for more than 145 seconds.\n Not tainted 6.2.0-rc3-syzkaller-00376-g7c6984405241 #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:syz-executor361 state:D stack:21216 pid:5697 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n rwsem_down_read_slowpath+0x5f9/0x930 kernel/locking/rwsem.c:1095\n __down_read_common+0x54/0x2a0 kernel/locking/rwsem.c:1260\n btrfs_page_mkwrite+0x417/0xc80 fs/btrfs/inode.c:8526\n do_page_mkwrite+0x19e/0x5e0 mm/memory.c:2947\n wp_page_shared+0x15e/0x380 mm/memory.c:3295\n handle_pte_fault mm/memory.c:4949 [inline]\n __handle_mm_fault mm/memory.c:5073 [inline]\n handle_mm_fault+0x1b79/0x26b0 mm/memory.c:5219\n do_user_addr_fault+0x69b/0xcb0 arch/x86/mm/fault.c:1428\n handle_page_fault arch/x86/mm/fault.c:1519 [inline]\n exc_page_fault+0x7a/0x110 arch/x86/mm/fault.c:1575\n asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570\n RIP: 0010:copy_user_short_string+0xd/0x40 arch/x86/lib/copy_user_64.S:233\n Code: 74 0a 89 (...)\n RSP: 0018:ffffc9000570f330 EFLAGS: 000502\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52737",
"url": "https://www.suse.com/security/cve/CVE-2023-52737"
},
{
"category": "external",
"summary": "SUSE Bug 1225484 for CVE-2023-52737",
"url": "https://bugzilla.suse.com/1225484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52737"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver. It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor. Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52754",
"url": "https://www.suse.com/security/cve/CVE-2023-52754"
},
{
"category": "external",
"summary": "SUSE Bug 1225490 for CVE-2023-52754",
"url": "https://bugzilla.suse.com/1225490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52754"
},
{
"cve": "CVE-2023-52757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when releasing mids\n\nAll release_mid() callers seem to hold a reference of @mid so there is\nno need to call kref_put(\u0026mid-\u003erefcount, __release_mid) under\n@server-\u003emid_lock spinlock. If they don\u0027t, then an use-after-free bug\nwould have occurred anyways.\n\nBy getting rid of such spinlock also fixes a potential deadlock as\nshown below\n\nCPU 0 CPU 1\n------------------------------------------------------------------\ncifs_demultiplex_thread() cifs_debug_data_proc_show()\n release_mid()\n spin_lock(\u0026server-\u003emid_lock);\n spin_lock(\u0026cifs_tcp_ses_lock)\n\t\t\t\t spin_lock(\u0026server-\u003emid_lock)\n __release_mid()\n smb2_find_smb_tcon()\n spin_lock(\u0026cifs_tcp_ses_lock) *deadlock*",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52757",
"url": "https://www.suse.com/security/cve/CVE-2023-52757"
},
{
"category": "external",
"summary": "SUSE Bug 1225548 for CVE-2023-52757",
"url": "https://bugzilla.suse.com/1225548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52757"
},
{
"cve": "CVE-2023-52762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52762",
"url": "https://www.suse.com/security/cve/CVE-2023-52762"
},
{
"category": "external",
"summary": "SUSE Bug 1225573 for CVE-2023-52762",
"url": "https://bugzilla.suse.com/1225573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52762"
},
{
"cve": "CVE-2023-52764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52764",
"url": "https://www.suse.com/security/cve/CVE-2023-52764"
},
{
"category": "external",
"summary": "SUSE Bug 1225571 for CVE-2023-52764",
"url": "https://bugzilla.suse.com/1225571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52764"
},
{
"cve": "CVE-2023-52784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52784",
"url": "https://www.suse.com/security/cve/CVE-2023-52784"
},
{
"category": "external",
"summary": "SUSE Bug 1224946 for CVE-2023-52784",
"url": "https://bugzilla.suse.com/1224946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52784"
},
{
"cve": "CVE-2023-52808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs\n\nIf init debugfs failed during device registration due to memory allocation\nfailure, debugfs_remove_recursive() is called, after which debugfs_dir is\nnot set to NULL. debugfs_remove_recursive() will be called again during\ndevice removal. As a result, illegal pointer is accessed.\n\n[ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs!\n...\n[ 1669.836708] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0\n[ 1669.872669] pc : down_write+0x24/0x70\n[ 1669.876315] lr : down_write+0x1c/0x70\n[ 1669.879961] sp : ffff000036f53a30\n[ 1669.883260] x29: ffff000036f53a30 x28: ffffa027c31549f8\n[ 1669.888547] x27: ffffa027c3140000 x26: 0000000000000000\n[ 1669.893834] x25: ffffa027bf37c270 x24: ffffa027bf37c270\n[ 1669.899122] x23: ffff0000095406b8 x22: ffff0000095406a8\n[ 1669.904408] x21: 0000000000000000 x20: ffffa027bf37c310\n[ 1669.909695] x19: 00000000000000a0 x18: ffff8027dcd86f10\n[ 1669.914982] x17: 0000000000000000 x16: 0000000000000000\n[ 1669.920268] x15: 0000000000000000 x14: ffffa0274014f870\n[ 1669.925555] x13: 0000000000000040 x12: 0000000000000228\n[ 1669.930842] x11: 0000000000000020 x10: 0000000000000bb0\n[ 1669.936129] x9 : ffff000036f537f0 x8 : ffff80273088ca10\n[ 1669.941416] x7 : 000000000000001d x6 : 00000000ffffffff\n[ 1669.946702] x5 : ffff000008a36310 x4 : ffff80273088be00\n[ 1669.951989] x3 : ffff000009513e90 x2 : 0000000000000000\n[ 1669.957276] x1 : 00000000000000a0 x0 : ffffffff00000001\n[ 1669.962563] Call trace:\n[ 1669.965000] down_write+0x24/0x70\n[ 1669.968301] debugfs_remove_recursive+0x5c/0x1b0\n[ 1669.972905] hisi_sas_debugfs_exit+0x24/0x30 [hisi_sas_main]\n[ 1669.978541] hisi_sas_v3_remove+0x130/0x150 [hisi_sas_v3_hw]\n[ 1669.984175] pci_device_remove+0x48/0xd8\n[ 1669.988082] device_release_driver_internal+0x1b4/0x250\n[ 1669.993282] device_release_driver+0x28/0x38\n[ 1669.997534] pci_stop_bus_device+0x84/0xb8\n[ 1670.001611] pci_stop_and_remove_bus_device_locked+0x24/0x40\n[ 1670.007244] remove_store+0xfc/0x140\n[ 1670.010802] dev_attr_store+0x44/0x60\n[ 1670.014448] sysfs_kf_write+0x58/0x80\n[ 1670.018095] kernfs_fop_write+0xe8/0x1f0\n[ 1670.022000] __vfs_write+0x60/0x190\n[ 1670.025472] vfs_write+0xac/0x1c0\n[ 1670.028771] ksys_write+0x6c/0xd8\n[ 1670.032071] __arm64_sys_write+0x24/0x30\n[ 1670.035977] el0_svc_common+0x78/0x130\n[ 1670.039710] el0_svc_handler+0x38/0x78\n[ 1670.043442] el0_svc+0x8/0xc\n\nTo fix this, set debugfs_dir to NULL after debugfs_remove_recursive().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52808",
"url": "https://www.suse.com/security/cve/CVE-2023-52808"
},
{
"category": "external",
"summary": "SUSE Bug 1225555 for CVE-2023-52808",
"url": "https://bugzilla.suse.com/1225555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52808"
},
{
"cve": "CVE-2023-52809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52809",
"url": "https://www.suse.com/security/cve/CVE-2023-52809"
},
{
"category": "external",
"summary": "SUSE Bug 1225556 for CVE-2023-52809",
"url": "https://bugzilla.suse.com/1225556"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52809"
},
{
"cve": "CVE-2023-52811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52811",
"url": "https://www.suse.com/security/cve/CVE-2023-52811"
},
{
"category": "external",
"summary": "SUSE Bug 1225559 for CVE-2023-52811",
"url": "https://bugzilla.suse.com/1225559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52811"
},
{
"cve": "CVE-2023-52832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52832",
"url": "https://www.suse.com/security/cve/CVE-2023-52832"
},
{
"category": "external",
"summary": "SUSE Bug 1225577 for CVE-2023-52832",
"url": "https://bugzilla.suse.com/1225577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52832"
},
{
"cve": "CVE-2023-52834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52834",
"url": "https://www.suse.com/security/cve/CVE-2023-52834"
},
{
"category": "external",
"summary": "SUSE Bug 1225599 for CVE-2023-52834",
"url": "https://bugzilla.suse.com/1225599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52834"
},
{
"cve": "CVE-2023-52835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Bail out early if the request AUX area is out of bound\n\nWhen perf-record with a large AUX area, e.g 4GB, it fails with:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)\n\nand it reveals a WARNING with __alloc_pages():\n\n\t------------[ cut here ]------------\n\tWARNING: CPU: 44 PID: 17573 at mm/page_alloc.c:5568 __alloc_pages+0x1ec/0x248\n\tCall trace:\n\t __alloc_pages+0x1ec/0x248\n\t __kmalloc_large_node+0xc0/0x1f8\n\t __kmalloc_node+0x134/0x1e8\n\t rb_alloc_aux+0xe0/0x298\n\t perf_mmap+0x440/0x660\n\t mmap_region+0x308/0x8a8\n\t do_mmap+0x3c0/0x528\n\t vm_mmap_pgoff+0xf4/0x1b8\n\t ksys_mmap_pgoff+0x18c/0x218\n\t __arm64_sys_mmap+0x38/0x58\n\t invoke_syscall+0x50/0x128\n\t el0_svc_common.constprop.0+0x58/0x188\n\t do_el0_svc+0x34/0x50\n\t el0_svc+0x34/0x108\n\t el0t_64_sync_handler+0xb8/0xc0\n\t el0t_64_sync+0x1a4/0x1a8\n\n\u0027rb-\u003eaux_pages\u0027 allocated by kcalloc() is a pointer array which is used to\nmaintains AUX trace pages. The allocated page for this array is physically\ncontiguous (and virtually contiguous) with an order of 0..MAX_ORDER. If the\nsize of pointer array crosses the limitation set by MAX_ORDER, it reveals a\nWARNING.\n\nSo bail out early with -ENOMEM if the request AUX area is out of bound,\ne.g.:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52835",
"url": "https://www.suse.com/security/cve/CVE-2023-52835"
},
{
"category": "external",
"summary": "SUSE Bug 1225602 for CVE-2023-52835",
"url": "https://bugzilla.suse.com/1225602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52835"
},
{
"cve": "CVE-2023-52843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: verify mac len before reading mac header\n\nLLC reads the mac header with eth_hdr without verifying that the skb\nhas an Ethernet header.\n\nSyzbot was able to enter llc_rcv on a tun device. Tun can insert\npackets without mac len and with user configurable skb-\u003eprotocol\n(passing a tun_pi header when not configuring IFF_NO_PI).\n\n BUG: KMSAN: uninit-value in llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n BUG: KMSAN: uninit-value in llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_rcv+0xc5d/0x14a0 net/llc/llc_input.c:218\n __netif_receive_skb_one_core net/core/dev.c:5523 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5637\n netif_receive_skb_internal net/core/dev.c:5723 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5782\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x54c5/0x69c0 drivers/net/tun.c:2002\n\nAdd a mac_len test before all three eth_hdr(skb) calls under net/llc.\n\nThere are further uses in include/net/llc_pdu.h. All these are\nprotected by a test skb-\u003eprotocol == ETH_P_802_2. Which does not\nprotect against this tun scenario.\n\nBut the mac_len test added in this patch in llc_fixup_skb will\nindirectly protect those too. That is called from llc_rcv before any\nother LLC code.\n\nIt is tempting to just add a blanket mac_len check in llc_rcv, but\nnot sure whether that could break valid LLC paths that do not assume\nan Ethernet header. 802.2 LLC may be used on top of non-802.3\nprotocols in principle. The below referenced commit shows that used\nto, on top of Token Ring.\n\nAt least one of the three eth_hdr uses goes back to before the start\nof git history. But the one that syzbot exercises is introduced in\nthis commit. That commit is old enough (2008), that effectively all\nstable kernels should receive this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52843",
"url": "https://www.suse.com/security/cve/CVE-2023-52843"
},
{
"category": "external",
"summary": "SUSE Bug 1224951 for CVE-2023-52843",
"url": "https://bugzilla.suse.com/1224951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52843"
},
{
"cve": "CVE-2023-52845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52845",
"url": "https://www.suse.com/security/cve/CVE-2023-52845"
},
{
"category": "external",
"summary": "SUSE Bug 1225585 for CVE-2023-52845",
"url": "https://bugzilla.suse.com/1225585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52845"
},
{
"cve": "CVE-2023-52855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n ...\nout:\n spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52855",
"url": "https://www.suse.com/security/cve/CVE-2023-52855"
},
{
"category": "external",
"summary": "SUSE Bug 1225583 for CVE-2023-52855",
"url": "https://bugzilla.suse.com/1225583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52855"
},
{
"cve": "CVE-2023-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: do not accept ACK of bytes we never sent\n\nThis patch is based on a detailed report and ideas from Yepeng Pan\nand Christian Rossow.\n\nACK seq validation is currently following RFC 5961 5.2 guidelines:\n\n The ACK value is considered acceptable only if\n it is in the range of ((SND.UNA - MAX.SND.WND) \u003c= SEG.ACK \u003c=\n SND.NXT). All incoming segments whose ACK value doesn\u0027t satisfy the\n above condition MUST be discarded and an ACK sent back. It needs to\n be noted that RFC 793 on page 72 (fifth check) says: \"If the ACK is a\n duplicate (SEG.ACK \u003c SND.UNA), it can be ignored. If the ACK\n acknowledges something not yet sent (SEG.ACK \u003e SND.NXT) then send an\n ACK, drop the segment, and return\". The \"ignored\" above implies that\n the processing of the incoming data segment continues, which means\n the ACK value is treated as acceptable. This mitigation makes the\n ACK check more stringent since any ACK \u003c SND.UNA wouldn\u0027t be\n accepted, instead only ACKs that are in the range ((SND.UNA -\n MAX.SND.WND) \u003c= SEG.ACK \u003c= SND.NXT) get through.\n\nThis can be refined for new (and possibly spoofed) flows,\nby not accepting ACK for bytes that were never sent.\n\nThis greatly improves TCP security at a little cost.\n\nI added a Fixes: tag to make sure this patch will reach stable trees,\neven if the \u0027blamed\u0027 patch was adhering to the RFC.\n\ntp-\u003ebytes_acked was added in linux-4.2\n\nFollowing packetdrill test (courtesy of Yepeng Pan) shows\nthe issue at hand:\n\n0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3\n+0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0\n+0 bind(3, ..., ...) = 0\n+0 listen(3, 1024) = 0\n\n// ---------------- Handshake ------------------- //\n\n// when window scale is set to 14 the window size can be extended to\n// 65535 * (2^14) = 1073725440. Linux would accept an ACK packet\n// with ack number in (Server_ISN+1-1073725440. Server_ISN+1)\n// ,though this ack number acknowledges some data never\n// sent by the server.\n\n+0 \u003c S 0:0(0) win 65535 \u003cmss 1400,nop,wscale 14\u003e\n+0 \u003e S. 0:0(0) ack 1 \u003c...\u003e\n+0 \u003c . 1:1(0) ack 1 win 65535\n+0 accept(3, ..., ...) = 4\n\n// For the established connection, we send an ACK packet,\n// the ack packet uses ack number 1 - 1073725300 + 2^32,\n// where 2^32 is used to wrap around.\n// Note: we used 1073725300 instead of 1073725440 to avoid possible\n// edge cases.\n// 1 - 1073725300 + 2^32 = 3221241997\n\n// Oops, old kernels happily accept this packet.\n+0 \u003c . 1:1001(1000) ack 3221241997 win 65535\n\n// After the kernel fix the following will be replaced by a challenge ACK,\n// and prior malicious frame would be dropped.\n+0 \u003e . 1:1(0) ack 1001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52881",
"url": "https://www.suse.com/security/cve/CVE-2023-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1225611 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "external",
"summary": "SUSE Bug 1226152 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1226152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2023-52881"
},
{
"cve": "CVE-2024-26633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()\n\nsyzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken.\n\nReading frag_off can only be done if we pulled enough bytes\nto skb-\u003ehead. Currently we might access garbage.\n\n[1]\nBUG: KMSAN: uninit-value in ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendmsg net/socket.c:2676 [inline]\n__se_sys_sendmsg net/socket.c:2674 [inline]\n__x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\nslab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\nslab_alloc_node mm/slub.c:3478 [inline]\n__kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n__do_kmalloc_node mm/slab_common.c:1006 [inline]\n__kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:1027\nkmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\npskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098\n__pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655\npskb_may_pull_reason include/linux/skbuff.h:2673 [inline]\npskb_may_pull include/linux/skbuff.h:2681 [inline]\nip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendms\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26633",
"url": "https://www.suse.com/security/cve/CVE-2024-26633"
},
{
"category": "external",
"summary": "SUSE Bug 1221647 for CVE-2024-26633",
"url": "https://bugzilla.suse.com/1221647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26633"
},
{
"cve": "CVE-2024-26641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\n\nsyzbot found __ip6_tnl_rcv() could access unitiliazed data [1].\n\nCall pskb_inet_may_pull() to fix this, and initialize ipv6h\nvariable after this call as it can change skb-\u003ehead.\n\n[1]\n BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727\n __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845\n ip6_tnl_rcv+0xce/0x100 net/ipv6/ip6_tunnel.c:888\n gre_rcv+0x143f/0x1870\n ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438\n ip6_input_finish net/ipv6/ip6_input.c:483 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492\n ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586\n dst_input include/net/dst.h:461 [inline]\n ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5532 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5646\n netif_receive_skb_internal net/core/dev.c:5732 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5791\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n tun_alloc_skb drivers/net/tun.c:1531 [inline]\n tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 0 PID: 5034 Comm: syz-executor331 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26641",
"url": "https://www.suse.com/security/cve/CVE-2024-26641"
},
{
"category": "external",
"summary": "SUSE Bug 1221654 for CVE-2024-26641",
"url": "https://bugzilla.suse.com/1221654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26641"
},
{
"cve": "CVE-2024-26679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: read sk-\u003esk_family once in inet_recv_error()\n\ninet_recv_error() is called without holding the socket lock.\n\nIPv6 socket could mutate to IPv4 with IPV6_ADDRFORM\nsocket option and trigger a KCSAN warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26679",
"url": "https://www.suse.com/security/cve/CVE-2024-26679"
},
{
"category": "external",
"summary": "SUSE Bug 1222385 for CVE-2024-26679",
"url": "https://bugzilla.suse.com/1222385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26679"
},
{
"cve": "CVE-2024-26687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/events: close evtchn after mapping cleanup\n\nshutdown_pirq and startup_pirq are not taking the\nirq_mapping_update_lock because they can\u0027t due to lock inversion. Both\nare called with the irq_desc-\u003elock being taking. The lock order,\nhowever, is first irq_mapping_update_lock and then irq_desc-\u003elock.\n\nThis opens multiple races:\n- shutdown_pirq can be interrupted by a function that allocates an event\n channel:\n\n CPU0 CPU1\n shutdown_pirq {\n xen_evtchn_close(e)\n __startup_pirq {\n EVTCHNOP_bind_pirq\n -\u003e returns just freed evtchn e\n set_evtchn_to_irq(e, irq)\n }\n xen_irq_info_cleanup() {\n set_evtchn_to_irq(e, -1)\n }\n }\n\n Assume here event channel e refers here to the same event channel\n number.\n After this race the evtchn_to_irq mapping for e is invalid (-1).\n\n- __startup_pirq races with __unbind_from_irq in a similar way. Because\n __startup_pirq doesn\u0027t take irq_mapping_update_lock it can grab the\n evtchn that __unbind_from_irq is currently freeing and cleaning up. In\n this case even though the event channel is allocated, its mapping can\n be unset in evtchn_to_irq.\n\nThe fix is to first cleanup the mappings and then close the event\nchannel. In this way, when an event channel gets allocated it\u0027s\npotential previous evtchn_to_irq mappings are guaranteed to be unset already.\nThis is also the reverse order of the allocation where first the event\nchannel is allocated and then the mappings are setup.\n\nOn a 5.10 kernel prior to commit 3fcdaf3d7634 (\"xen/events: modify internal\n[un]bind interfaces\"), we hit a BUG like the following during probing of NVMe\ndevices. The issue is that during nvme_setup_io_queues, pci_free_irq\nis called for every device which results in a call to shutdown_pirq.\nWith many nvme devices it\u0027s therefore likely to hit this race during\nboot because there will be multiple calls to shutdown_pirq and\nstartup_pirq are running potentially in parallel.\n\n ------------[ cut here ]------------\n blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled\n kernel BUG at drivers/xen/events/events_base.c:499!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1\n Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006\n Workqueue: nvme-reset-wq nvme_reset_work\n RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0\n Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff \u003c0f\u003e 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00\n RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006\n RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff\n RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? set_affinity_irq+0xdc/0x1c0\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0x90/0x110\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? do_error_trap+0x65/0x80\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? exc_invalid_op+0x4e/0x70\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? asm_exc_invalid_op+0x12/0x20\n ? bind_evtchn_to_cpu+0xdf/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26687",
"url": "https://www.suse.com/security/cve/CVE-2024-26687"
},
{
"category": "external",
"summary": "SUSE Bug 1222435 for CVE-2024-26687",
"url": "https://bugzilla.suse.com/1222435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26687"
},
{
"cve": "CVE-2024-26720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26720"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26720",
"url": "https://www.suse.com/security/cve/CVE-2024-26720"
},
{
"category": "external",
"summary": "SUSE Bug 1222364 for CVE-2024-26720",
"url": "https://bugzilla.suse.com/1222364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26720"
},
{
"cve": "CVE-2024-26813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: Create persistent IRQ handlers\n\nThe vfio-platform SET_IRQS ioctl currently allows loopback triggering of\nan interrupt before a signaling eventfd has been configured by the user,\nwhich thereby allows a NULL pointer dereference.\n\nRather than register the IRQ relative to a valid trigger, register all\nIRQs in a disabled state in the device open path. This allows mask\noperations on the IRQ to nest within the overall enable state governed\nby a valid eventfd signal. This decouples @masked, protected by the\n@locked spinlock from @trigger, protected via the @igate mutex.\n\nIn doing so, it\u0027s guaranteed that changes to @trigger cannot race the\nIRQ handlers because the IRQ handler is synchronously disabled before\nmodifying the trigger, and loopback triggering of the IRQ via ioctl is\nsafe due to serialization with trigger changes via igate.\n\nFor compatibility, request_irq() failures are maintained to be local to\nthe SET_IRQS ioctl rather than a fatal error in the open device path.\nThis allows, for example, a userspace driver with polling mode support\nto continue to work regardless of moving the request_irq() call site.\nThis necessarily blocks all SET_IRQS access to the failed index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26813",
"url": "https://www.suse.com/security/cve/CVE-2024-26813"
},
{
"category": "external",
"summary": "SUSE Bug 1222809 for CVE-2024-26813",
"url": "https://bugzilla.suse.com/1222809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26813"
},
{
"cve": "CVE-2024-26845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Add TMF to tmr_list handling\n\nAn abort that is responded to by iSCSI itself is added to tmr_list but does\nnot go to target core. A LUN_RESET that goes through tmr_list takes a\nrefcounter on the abort and waits for completion. However, the abort will\nbe never complete because it was not started in target core.\n\n Unable to locate ITT: 0x05000000 on CID: 0\n Unable to locate RefTaskTag: 0x05000000 on CID: 0.\n wait_for_tasks: Stopping tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n wait for tasks: tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n...\n INFO: task kworker/0:2:49 blocked for more than 491 seconds.\n task:kworker/0:2 state:D stack: 0 pid: 49 ppid: 2 flags:0x00000800\n Workqueue: events target_tmr_work [target_core_mod]\nCall Trace:\n __switch_to+0x2c4/0x470\n _schedule+0x314/0x1730\n schedule+0x64/0x130\n schedule_timeout+0x168/0x430\n wait_for_completion+0x140/0x270\n target_put_cmd_and_wait+0x64/0xb0 [target_core_mod]\n core_tmr_lun_reset+0x30/0xa0 [target_core_mod]\n target_tmr_work+0xc8/0x1b0 [target_core_mod]\n process_one_work+0x2d4/0x5d0\n worker_thread+0x78/0x6c0\n\nTo fix this, only add abort to tmr_list if it will be handled by target\ncore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26845",
"url": "https://www.suse.com/security/cve/CVE-2024-26845"
},
{
"category": "external",
"summary": "SUSE Bug 1223018 for CVE-2024-26845",
"url": "https://bugzilla.suse.com/1223018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26845"
},
{
"cve": "CVE-2024-26863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Fix uninit-value access in hsr_get_node()\n\nKMSAN reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246\n hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246\n fill_frame_info net/hsr/hsr_forward.c:577 [inline]\n hsr_forward_skb+0xe12/0x30e0 net/hsr/hsr_forward.c:615\n hsr_dev_xmit+0x1a1/0x270 net/hsr/hsr_device.c:223\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3087 [inline]\n packet_sendmsg+0x8b1d/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n packet_alloc_skb net/packet/af_packet.c:2936 [inline]\n packet_snd net/packet/af_packet.c:3030 [inline]\n packet_sendmsg+0x70e8/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 1 PID: 5033 Comm: syz-executor334 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\n=====================================================\n\nIf the packet type ID field in the Ethernet header is either ETH_P_PRP or\nETH_P_HSR, but it is not followed by an HSR tag, hsr_get_skb_sequence_nr()\nreads an invalid value as a sequence number. This causes the above issue.\n\nThis patch fixes the issue by returning NULL if the Ethernet header is not\nfollowed by an HSR tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26863",
"url": "https://www.suse.com/security/cve/CVE-2024-26863"
},
{
"category": "external",
"summary": "SUSE Bug 1223021 for CVE-2024-26863",
"url": "https://bugzilla.suse.com/1223021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26863"
},
{
"cve": "CVE-2024-26894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()\n\nAfter unregistering the CPU idle device, the memory associated with\nit is not freed, leading to a memory leak:\n\nunreferenced object 0xffff896282f6c000 (size 1024):\n comm \"swapper/0\", pid 1, jiffies 4294893170\n hex dump (first 32 bytes):\n 00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 8836a742):\n [\u003cffffffff993495ed\u003e] kmalloc_trace+0x29d/0x340\n [\u003cffffffff9972f3b3\u003e] acpi_processor_power_init+0xf3/0x1c0\n [\u003cffffffff9972d263\u003e] __acpi_processor_start+0xd3/0xf0\n [\u003cffffffff9972d2bc\u003e] acpi_processor_start+0x2c/0x50\n [\u003cffffffff99805872\u003e] really_probe+0xe2/0x480\n [\u003cffffffff99805c98\u003e] __driver_probe_device+0x78/0x160\n [\u003cffffffff99805daf\u003e] driver_probe_device+0x1f/0x90\n [\u003cffffffff9980601e\u003e] __driver_attach+0xce/0x1c0\n [\u003cffffffff99803170\u003e] bus_for_each_dev+0x70/0xc0\n [\u003cffffffff99804822\u003e] bus_add_driver+0x112/0x210\n [\u003cffffffff99807245\u003e] driver_register+0x55/0x100\n [\u003cffffffff9aee4acb\u003e] acpi_processor_driver_init+0x3b/0xc0\n [\u003cffffffff990012d1\u003e] do_one_initcall+0x41/0x300\n [\u003cffffffff9ae7c4b0\u003e] kernel_init_freeable+0x320/0x470\n [\u003cffffffff99b231f6\u003e] kernel_init+0x16/0x1b0\n [\u003cffffffff99042e6d\u003e] ret_from_fork+0x2d/0x50\n\nFix this by freeing the CPU idle device after unregistering it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26894",
"url": "https://www.suse.com/security/cve/CVE-2024-26894"
},
{
"category": "external",
"summary": "SUSE Bug 1223043 for CVE-2024-26894",
"url": "https://bugzilla.suse.com/1223043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26894"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_debug_files_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26928",
"url": "https://www.suse.com/security/cve/CVE-2024-26928"
},
{
"category": "external",
"summary": "SUSE Bug 1223532 for CVE-2024-26928",
"url": "https://bugzilla.suse.com/1223532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26928"
},
{
"cve": "CVE-2024-26973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26973",
"url": "https://www.suse.com/security/cve/CVE-2024-26973"
},
{
"category": "external",
"summary": "SUSE Bug 1223641 for CVE-2024-26973",
"url": "https://bugzilla.suse.com/1223641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-27399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan-\u003econn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[ 472.074580] ==================================================================\n[ 472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[ 472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[ 472.075308]\n[ 472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.075308] Workqueue: events l2cap_chan_timeout\n[ 472.075308] Call Trace:\n[ 472.075308] \u003cTASK\u003e\n[ 472.075308] dump_stack_lvl+0x137/0x1a0\n[ 472.075308] print_report+0x101/0x250\n[ 472.075308] ? __virt_addr_valid+0x77/0x160\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_report+0x139/0x170\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_check_range+0x2c3/0x2e0\n[ 472.075308] mutex_lock+0x68/0xc0\n[ 472.075308] l2cap_chan_timeout+0x181/0x300\n[ 472.075308] process_one_work+0x5d2/0xe00\n[ 472.075308] worker_thread+0xe1d/0x1660\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] kthread+0x2b7/0x350\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork+0x4d/0x80\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork_asm+0x11/0x20\n[ 472.075308] \u003c/TASK\u003e\n[ 472.075308] ==================================================================\n[ 472.094860] Disabling lock debugging due to kernel taint\n[ 472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[ 472.096136] #PF: supervisor write access in kernel mode\n[ 472.096136] #PF: error_code(0x0002) - not-present page\n[ 472.096136] PGD 0 P4D 0\n[ 472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[ 472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G B 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.096136] Workqueue: events l2cap_chan_timeout\n[ 472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[ 472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[ 472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[ 472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[ 472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[ 472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[ 472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[ 472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[ 472.096136] FS: 0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[ 472.096136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[ 472.096136] Call Trace:\n[ 472.096136] \u003cTASK\u003e\n[ 472.096136] ? __die_body+0x8d/0xe0\n[ 472.096136] ? page_fault_oops+0x6b8/0x9a0\n[ 472.096136] ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[ 472.096136] ? do_user_addr_fault+0x1027/0x1340\n[ 472.096136] ? _printk+0x7a/0xa0\n[ 472.096136] ? mutex_lock+0x68/0xc0\n[ 472.096136] ? add_taint+0x42/0xd0\n[ 472.096136] ? exc_page_fault+0x6a/0x1b0\n[ 472.096136] ? asm_exc_page_fault+0x26/0x30\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] ? mutex_lock+0x88/0xc0\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] l2cap_chan_timeo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27399",
"url": "https://www.suse.com/security/cve/CVE-2024-27399"
},
{
"category": "external",
"summary": "SUSE Bug 1224177 for CVE-2024-27399",
"url": "https://bugzilla.suse.com/1224177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-27399"
},
{
"cve": "CVE-2024-27410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject iftype change with mesh ID change\n\nIt\u0027s currently possible to change the mesh ID when the\ninterface isn\u0027t yet in mesh mode, at the same time as\nchanging it into mesh mode. This leads to an overwrite\nof data in the wdev-\u003eu union for the interface type it\ncurrently has, causing cfg80211_change_iface() to do\nwrong things when switching.\n\nWe could probably allow setting an interface to mesh\nwhile setting the mesh ID at the same time by doing a\ndifferent order of operations here, but realistically\nthere\u0027s no userspace that\u0027s going to do this, so just\ndisallow changes in iftype when setting mesh ID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27410",
"url": "https://www.suse.com/security/cve/CVE-2024-27410"
},
{
"category": "external",
"summary": "SUSE Bug 1224432 for CVE-2024-27410",
"url": "https://bugzilla.suse.com/1224432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-27410"
},
{
"cve": "CVE-2024-35247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: region: add owner module and take its refcount\n\nThe current implementation of the fpga region assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the region\nduring programming if the parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_region\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering a region to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the region as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a region without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35247",
"url": "https://www.suse.com/security/cve/CVE-2024-35247"
},
{
"category": "external",
"summary": "SUSE Bug 1226948 for CVE-2024-35247",
"url": "https://bugzilla.suse.com/1226948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35247"
},
{
"cve": "CVE-2024-35807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix corruption during on-line resize\n\nWe observed a corruption during on-line resize of a file system that is\nlarger than 16 TiB with 4k block size. With having more then 2^32 blocks\nresize_inode is turned off by default by mke2fs. The issue can be\nreproduced on a smaller file system for convenience by explicitly\nturning off resize_inode. An on-line resize across an 8 GiB boundary (the\nsize of a meta block group in this setup) then leads to a corruption:\n\n dev=/dev/\u003csome_dev\u003e # should be \u003e= 16 GiB\n mkdir -p /corruption\n /sbin/mke2fs -t ext4 -b 4096 -O ^resize_inode $dev $((2 * 2**21 - 2**15))\n mount -t ext4 $dev /corruption\n\n dd if=/dev/zero bs=4096 of=/corruption/test count=$((2*2**21 - 4*2**15))\n sha1sum /corruption/test\n # 79d2658b39dcfd77274e435b0934028adafaab11 /corruption/test\n\n /sbin/resize2fs $dev $((2*2**21))\n # drop page cache to force reload the block from disk\n echo 1 \u003e /proc/sys/vm/drop_caches\n\n sha1sum /corruption/test\n # 3c2abc63cbf1a94c9e6977e0fbd72cd832c4d5c3 /corruption/test\n\n2^21 = 2^15*2^6 equals 8 GiB whereof 2^15 is the number of blocks per\nblock group and 2^6 are the number of block groups that make a meta\nblock group.\n\nThe last checksum might be different depending on how the file is laid\nout across the physical blocks. The actual corruption occurs at physical\nblock 63*2^15 = 2064384 which would be the location of the backup of the\nmeta block group\u0027s block descriptor. During the on-line resize the file\nsystem will be converted to meta_bg starting at s_first_meta_bg which is\n2 in the example - meaning all block groups after 16 GiB. However, in\next4_flex_group_add we might add block groups that are not part of the\nfirst meta block group yet. In the reproducer we achieved this by\nsubstracting the size of a whole block group from the point where the\nmeta block group would start. This must be considered when updating the\nbackup block group descriptors to follow the non-meta_bg layout. The fix\nis to add a test whether the group to add is already part of the meta\nblock group or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35807",
"url": "https://www.suse.com/security/cve/CVE-2024-35807"
},
{
"category": "external",
"summary": "SUSE Bug 1224735 for CVE-2024-35807",
"url": "https://bugzilla.suse.com/1224735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35807"
},
{
"cve": "CVE-2024-35822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: udc: remove warning when queue disabled ep\n\nIt is possible trigger below warning message from mass storage function,\n\nWARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104\npc : usb_ep_queue+0x7c/0x104\nlr : fsg_main_thread+0x494/0x1b3c\n\nRoot cause is mass storage function try to queue request from main thread,\nbut other thread may already disable ep when function disable.\n\nAs there is no function failure in the driver, in order to avoid effort\nto fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35822",
"url": "https://www.suse.com/security/cve/CVE-2024-35822"
},
{
"category": "external",
"summary": "SUSE Bug 1224739 for CVE-2024-35822",
"url": "https://bugzilla.suse.com/1224739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35822"
},
{
"cve": "CVE-2024-35835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a double-free in arfs_create_groups\n\nWhen `in` allocated by kvzalloc fails, arfs_create_groups will free\nft-\u003eg and return an error. However, arfs_create_table, the only caller of\narfs_create_groups, will hold this error and call to\nmlx5e_destroy_flow_table, in which the ft-\u003eg will be freed again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35835",
"url": "https://www.suse.com/security/cve/CVE-2024-35835"
},
{
"category": "external",
"summary": "SUSE Bug 1224605 for CVE-2024-35835",
"url": "https://bugzilla.suse.com/1224605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35835"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35865",
"url": "https://www.suse.com/security/cve/CVE-2024-35865"
},
{
"category": "external",
"summary": "SUSE Bug 1224668 for CVE-2024-35865",
"url": "https://bugzilla.suse.com/1224668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35865"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_write()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35868",
"url": "https://www.suse.com/security/cve/CVE-2024-35868"
},
{
"category": "external",
"summary": "SUSE Bug 1224678 for CVE-2024-35868",
"url": "https://bugzilla.suse.com/1224678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35868"
},
{
"cve": "CVE-2024-35870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in smb2_reconnect_server()\n\nThe UAF bug is due to smb2_reconnect_server() accessing a session that\nis already being teared down by another thread that is executing\n__cifs_put_smb_ses(). This can happen when (a) the client has\nconnection to the server but no session or (b) another thread ends up\nsetting @ses-\u003eses_status again to something different than\nSES_EXITING.\n\nTo fix this, we need to make sure to unconditionally set\n@ses-\u003eses_status to SES_EXITING and prevent any other threads from\nsetting a new status while we\u0027re still tearing it down.\n\nThe following can be reproduced by adding some delay to right after\nthe ipc is freed in __cifs_put_smb_ses() - which will give\nsmb2_reconnect_server() worker a chance to run and then accessing\n@ses-\u003eipc:\n\nkinit ...\nmount.cifs //srv/share /mnt/1 -o sec=krb5,nohandlecache,echo_interval=10\n[disconnect srv]\nls /mnt/1 \u0026\u003e/dev/null\nsleep 30\nkdestroy\n[reconnect srv]\nsleep 10\numount /mnt/1\n...\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\ngeneral protection fault, probably for non-canonical address\n0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\nWorkqueue: cifsiod smb2_reconnect_server [cifs]\nRIP: 0010:__list_del_entry_valid_or_report+0x33/0xf0\nCode: 4f 08 48 85 d2 74 42 48 85 c9 74 59 48 b8 00 01 00 00 00 00 ad\nde 48 39 c2 74 61 48 b8 22 01 00 00 00 00 74 69 \u003c48\u003e 8b 01 48 39 f8 75\n7b 48 8b 72 08 48 39 c6 0f 85 88 00 00 00 b8\nRSP: 0018:ffffc900001bfd70 EFLAGS: 00010a83\nRAX: dead000000000122 RBX: ffff88810da53838 RCX: 6b6b6b6b6b6b6b6b\nRDX: 6b6b6b6b6b6b6b6b RSI: ffffffffc02f6878 RDI: ffff88810da53800\nRBP: ffff88810da53800 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff88810c064000\nR13: 0000000000000001 R14: ffff88810c064000 R15: ffff8881039cc000\nFS: 0000000000000000(0000) GS:ffff888157c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe3728b1000 CR3: 000000010caa4000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x36/0x90\n ? exc_general_protection+0x1c1/0x3f0\n ? asm_exc_general_protection+0x26/0x30\n ? __list_del_entry_valid_or_report+0x33/0xf0\n __cifs_put_smb_ses+0x1ae/0x500 [cifs]\n smb2_reconnect_server+0x4ed/0x710 [cifs]\n process_one_work+0x205/0x6b0\n worker_thread+0x191/0x360\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe2/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35870",
"url": "https://www.suse.com/security/cve/CVE-2024-35870"
},
{
"category": "external",
"summary": "SUSE Bug 1224672 for CVE-2024-35870",
"url": "https://bugzilla.suse.com/1224672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35870"
},
{
"cve": "CVE-2024-35886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix infinite recursion in fib6_dump_done().\n\nsyzkaller reported infinite recursive calls of fib6_dump_done() during\nnetlink socket destruction. [1]\n\nFrom the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then\nthe response was generated. The following recvmmsg() resumed the dump\nfor IPv6, but the first call of inet6_dump_fib() failed at kzalloc() due\nto the fault injection. [0]\n\n 12:01:34 executing program 3:\n r0 = socket$nl_route(0x10, 0x3, 0x0)\n sendmsg$nl_route(r0, ... snip ...)\n recvmmsg(r0, ... snip ...) (fail_nth: 8)\n\nHere, fib6_dump_done() was set to nlk_sk(sk)-\u003ecb.done, and the next call\nof inet6_dump_fib() set it to nlk_sk(sk)-\u003ecb.args[3]. syzkaller stopped\nreceiving the response halfway through, and finally netlink_sock_destruct()\ncalled nlk_sk(sk)-\u003ecb.done().\n\nfib6_dump_done() calls fib6_dump_end() and nlk_sk(sk)-\u003ecb.done() if it\nis still not NULL. fib6_dump_end() rewrites nlk_sk(sk)-\u003ecb.done() by\nnlk_sk(sk)-\u003ecb.args[3], but it has the same function, not NULL, calling\nitself recursively and hitting the stack guard page.\n\nTo avoid the issue, let\u0027s set the destructor after kzalloc().\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 PID: 432110 Comm: syz-executor.3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:117)\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\n should_failslab (mm/slub.c:3733)\n kmalloc_trace (mm/slub.c:3748 mm/slub.c:3827 mm/slub.c:3992)\n inet6_dump_fib (./include/linux/slab.h:628 ./include/linux/slab.h:749 net/ipv6/ip6_fib.c:662)\n rtnl_dump_all (net/core/rtnetlink.c:4029)\n netlink_dump (net/netlink/af_netlink.c:2269)\n netlink_recvmsg (net/netlink/af_netlink.c:1988)\n ____sys_recvmsg (net/socket.c:1046 net/socket.c:2801)\n ___sys_recvmsg (net/socket.c:2846)\n do_recvmmsg (net/socket.c:2943)\n __x64_sys_recvmmsg (net/socket.c:3041 net/socket.c:3034 net/socket.c:3034)\n\n[1]:\nBUG: TASK stack guard page was hit at 00000000f2fa9af1 (stack is 00000000b7912430..000000009a436beb)\nstack guard page: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 223719 Comm: kworker/1:3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: events netlink_sock_destruct_work\nRIP: 0010:fib6_dump_done (net/ipv6/ip6_fib.c:570)\nCode: 3c 24 e8 f3 e9 51 fd e9 28 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 41 57 41 56 41 55 41 54 55 48 89 fd \u003c53\u003e 48 8d 5d 60 e8 b6 4d 07 fd 48 89 da 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d980000 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffffffff84405990 RCX: ffffffff844059d3\nRDX: ffff8881028e0000 RSI: ffffffff84405ac2 RDI: ffff88810c02f358\nRBP: ffff88810c02f358 R08: 0000000000000007 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000224 R12: 0000000000000000\nR13: ffff888007c82c78 R14: ffff888007c82c68 R15: ffff888007c82c68\nFS: 0000000000000000(0000) GS:ffff88811b100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d97fff8 CR3: 0000000102309002 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003c#DF\u003e\n \u003c/#DF\u003e\n \u003cTASK\u003e\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n ...\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n netlink_sock_destruct (net/netlink/af_netlink.c:401)\n __sk_destruct (net/core/sock.c:2177 (discriminator 2))\n sk_destruct (net/core/sock.c:2224)\n __sk_free (net/core/sock.c:2235)\n sk_free (net/core/sock.c:2246)\n process_one_work (kernel/workqueue.c:3259)\n worker_thread (kernel/workqueue.c:3329 kernel/workqueue.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35886",
"url": "https://www.suse.com/security/cve/CVE-2024-35886"
},
{
"category": "external",
"summary": "SUSE Bug 1224670 for CVE-2024-35886",
"url": "https://bugzilla.suse.com/1224670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35886"
},
{
"cve": "CVE-2024-35896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003c/TASK\u003e\n\nAllocated by task 7238:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:4069 [inline]\n __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n kmalloc_noprof include/linux/slab.h:664 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35896",
"url": "https://www.suse.com/security/cve/CVE-2024-35896"
},
{
"category": "external",
"summary": "SUSE Bug 1224662 for CVE-2024-35896",
"url": "https://bugzilla.suse.com/1224662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35896"
},
{
"cve": "CVE-2024-35922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmon: prevent division by zero in fb_videomode_from_videomode()\n\nThe expression htotal * vtotal can have a zero value on\noverflow. It is necessary to prevent division by zero like in\nfb_var_to_videomode().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35922",
"url": "https://www.suse.com/security/cve/CVE-2024-35922"
},
{
"category": "external",
"summary": "SUSE Bug 1224660 for CVE-2024-35922",
"url": "https://bugzilla.suse.com/1224660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35922"
},
{
"cve": "CVE-2024-35925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst-\u003enr_samples + src-\u003enr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35925",
"url": "https://www.suse.com/security/cve/CVE-2024-35925"
},
{
"category": "external",
"summary": "SUSE Bug 1224661 for CVE-2024-35925",
"url": "https://bugzilla.suse.com/1224661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35925"
},
{
"cve": "CVE-2024-35930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()\n\nThe call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an\nunsuccessful status. In such cases, the elsiocb is not issued, the\ncompletion is not called, and thus the elsiocb resource is leaked.\n\nCheck return value after calling lpfc_sli4_resume_rpi() and conditionally\nrelease the elsiocb resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35930",
"url": "https://www.suse.com/security/cve/CVE-2024-35930"
},
{
"category": "external",
"summary": "SUSE Bug 1224651 for CVE-2024-35930",
"url": "https://bugzilla.suse.com/1224651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35930"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume\u0027s fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root\u0027s PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35956",
"url": "https://www.suse.com/security/cve/CVE-2024-35956"
},
{
"category": "external",
"summary": "SUSE Bug 1224674 for CVE-2024-35956",
"url": "https://bugzilla.suse.com/1224674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35956"
},
{
"cve": "CVE-2024-35958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn\u0027t been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren\u0027t freed correctly, leading to crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35958",
"url": "https://www.suse.com/security/cve/CVE-2024-35958"
},
{
"category": "external",
"summary": "SUSE Bug 1224677 for CVE-2024-35958",
"url": "https://bugzilla.suse.com/1224677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node-\u003eparent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35960",
"url": "https://www.suse.com/security/cve/CVE-2024-35960"
},
{
"category": "external",
"summary": "SUSE Bug 1224588 for CVE-2024-35960",
"url": "https://bugzilla.suse.com/1224588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: complete validation of user input\n\nIn my recent commit, I missed that do_replace() handlers\nuse copy_from_sockptr() (which I fixed), followed\nby unsafe copy_from_sockptr_offset() calls.\n\nIn all functions, we can perform the @optlen validation\nbefore even calling xt_alloc_table_info() with the following\ncheck:\n\nif ((u64)optlen \u003c (u64)tmp.size + sizeof(tmp))\n return -EINVAL;",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35962",
"url": "https://www.suse.com/security/cve/CVE-2024-35962"
},
{
"category": "external",
"summary": "SUSE Bug 1224583 for CVE-2024-35962",
"url": "https://bugzilla.suse.com/1224583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35976"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING\n\nsyzbot reported an illegal copy in xsk_setsockopt() [1]\n\nMake sure to validate setsockopt() @optlen parameter.\n\n[1]\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420\nRead of size 4 at addr ffff888028c6cde3 by task syz-executor.0/7549\n\nCPU: 0 PID: 7549 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7fb40587de69\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fb40665a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fb4059abf80 RCX: 00007fb40587de69\nRDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000006\nRBP: 00007fb4058ca47a R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020001980 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fb4059abf80 R15: 00007fff57ee4d08\n \u003c/TASK\u003e\n\nAllocated by task 7549:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3966 [inline]\n __kmalloc+0x233/0x4a0 mm/slub.c:3979\n kmalloc include/linux/slab.h:632 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd2f/0x1040 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nThe buggy address belongs to the object at ffff888028c6cde0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 1 bytes to the right of\n allocated 2-byte region [ffff888028c6cde0, ffff888028c6cde2)\n\nThe buggy address belongs to the physical page:\npage:ffffea0000a31b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888028c6c9c0 pfn:0x28c6c\nanon flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xffffffff()\nraw: 00fff00000000800 ffff888014c41280 0000000000000000 dead000000000001\nraw: ffff888028c6c9c0 0000000080800057 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 6648, tgid 6644 (syz-executor.0), ts 133906047828, free_ts 133859922223\n set_page_owner include/linux/page_owner.h:31 [inline]\n post_alloc_hook+0x1ea/0x210 mm/page_alloc.c:1533\n prep_new_page mm/page_alloc.c:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35976",
"url": "https://www.suse.com/security/cve/CVE-2024-35976"
},
{
"category": "external",
"summary": "SUSE Bug 1224575 for CVE-2024-35976",
"url": "https://bugzilla.suse.com/1224575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35976"
},
{
"cve": "CVE-2024-35979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid1: fix use-after-free for original bio in raid1_write_request()\n\nr1_bio-\u003ebios[] is used to record new bios that will be issued to\nunderlying disks, however, in raid1_write_request(), r1_bio-\u003ebios[]\nwill set to the original bio temporarily. Meanwhile, if blocked rdev\nis set, free_r1bio() will be called causing that all r1_bio-\u003ebios[]\nto be freed:\n\nraid1_write_request()\n r1_bio = alloc_r1bio(mddev, bio); -\u003e r1_bio-\u003ebios[] is NULL\n for (i = 0; i \u003c disks; i++) -\u003e for each rdev in conf\n // first rdev is normal\n r1_bio-\u003ebios[0] = bio; -\u003e set to original bio\n // second rdev is blocked\n if (test_bit(Blocked, \u0026rdev-\u003eflags))\n break\n\n if (blocked_rdev)\n free_r1bio()\n put_all_bios()\n bio_put(r1_bio-\u003ebios[0]) -\u003e original bio is freed\n\nTest scripts:\n\nmdadm -CR /dev/md0 -l1 -n4 /dev/sd[abcd] --assume-clean\nfio -filename=/dev/md0 -ioengine=libaio -rw=write -bs=4k -numjobs=1 \\\n -iodepth=128 -name=test -direct=1\necho blocked \u003e /sys/block/md0/md/rd2/state\n\nTest result:\n\nBUG bio-264 (Not tainted): Object already free\n-----------------------------------------------------------------------------\n\nAllocated in mempool_alloc_slab+0x24/0x50 age=1 cpu=1 pid=869\n kmem_cache_alloc+0x324/0x480\n mempool_alloc_slab+0x24/0x50\n mempool_alloc+0x6e/0x220\n bio_alloc_bioset+0x1af/0x4d0\n blkdev_direct_IO+0x164/0x8a0\n blkdev_write_iter+0x309/0x440\n aio_write+0x139/0x2f0\n io_submit_one+0x5ca/0xb70\n __do_sys_io_submit+0x86/0x270\n __x64_sys_io_submit+0x22/0x30\n do_syscall_64+0xb1/0x210\n entry_SYSCALL_64_after_hwframe+0x6c/0x74\nFreed in mempool_free_slab+0x1f/0x30 age=1 cpu=1 pid=869\n kmem_cache_free+0x28c/0x550\n mempool_free_slab+0x1f/0x30\n mempool_free+0x40/0x100\n bio_free+0x59/0x80\n bio_put+0xf0/0x220\n free_r1bio+0x74/0xb0\n raid1_make_request+0xadf/0x1150\n md_handle_request+0xc7/0x3b0\n md_submit_bio+0x76/0x130\n __submit_bio+0xd8/0x1d0\n submit_bio_noacct_nocheck+0x1eb/0x5c0\n submit_bio_noacct+0x169/0xd40\n submit_bio+0xee/0x1d0\n blkdev_direct_IO+0x322/0x8a0\n blkdev_write_iter+0x309/0x440\n aio_write+0x139/0x2f0\n\nSince that bios for underlying disks are not allocated yet, fix this\nproblem by using mempool_free() directly to free the r1_bio.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35979",
"url": "https://www.suse.com/security/cve/CVE-2024-35979"
},
{
"category": "external",
"summary": "SUSE Bug 1224572 for CVE-2024-35979",
"url": "https://bugzilla.suse.com/1224572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35979"
},
{
"cve": "CVE-2024-35997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35997",
"url": "https://www.suse.com/security/cve/CVE-2024-35997"
},
{
"category": "external",
"summary": "SUSE Bug 1224552 for CVE-2024-35997",
"url": "https://bugzilla.suse.com/1224552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-35998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix lock ordering potential deadlock in cifs_sync_mid_result\n\nCoverity spotted that the cifs_sync_mid_result function could deadlock\n\n\"Thread deadlock (ORDER_REVERSAL) lock_order: Calling spin_lock acquires\nlock TCP_Server_Info.srv_lock while holding lock TCP_Server_Info.mid_lock\"\n\nAddresses-Coverity: 1590401 (\"Thread deadlock (ORDER_REVERSAL)\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35998",
"url": "https://www.suse.com/security/cve/CVE-2024-35998"
},
{
"category": "external",
"summary": "SUSE Bug 1224549 for CVE-2024-35998",
"url": "https://bugzilla.suse.com/1224549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-35998"
},
{
"cve": "CVE-2024-36016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n\nAssuming the following:\n- side A configures the n_gsm in basic option mode\n- side B sends the header of a basic option mode frame with data length 1\n- side A switches to advanced option mode\n- side B sends 2 data bytes which exceeds gsm-\u003elen\n Reason: gsm-\u003elen is not used in advanced option mode.\n- side A switches to basic option mode\n- side B keeps sending until gsm0_receive() writes past gsm-\u003ebuf\n Reason: Neither gsm-\u003estate nor gsm-\u003elen have been reset after\n reconfiguration.\n\nFix this by changing gsm-\u003ecount to gsm-\u003elen comparison from equal to less\nthan. Also add upper limit checks against the constant MAX_MRU in\ngsm0_receive() and gsm1_receive() to harden against memory corruption of\ngsm-\u003elen and gsm-\u003emru.\n\nAll other checks remain as we still need to limit the data according to the\nuser configuration and actual payload size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36016",
"url": "https://www.suse.com/security/cve/CVE-2024-36016"
},
{
"category": "external",
"summary": "SUSE Bug 1225642 for CVE-2024-36016",
"url": "https://bugzilla.suse.com/1225642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36016"
},
{
"cve": "CVE-2024-36017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36017",
"url": "https://www.suse.com/security/cve/CVE-2024-36017"
},
{
"category": "external",
"summary": "SUSE Bug 1225681 for CVE-2024-36017",
"url": "https://bugzilla.suse.com/1225681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36017"
},
{
"cve": "CVE-2024-36025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix off by one in qla_edif_app_getstats()\n\nThe app_reply-\u003eelem[] array is allocated earlier in this function and it\nhas app_req.num_ports elements. Thus this \u003e comparison needs to be \u003e= to\nprevent memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36025",
"url": "https://www.suse.com/security/cve/CVE-2024-36025"
},
{
"category": "external",
"summary": "SUSE Bug 1225704 for CVE-2024-36025",
"url": "https://bugzilla.suse.com/1225704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36025"
},
{
"cve": "CVE-2024-36479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: bridge: add owner module and take its refcount\n\nThe current implementation of the fpga bridge assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the bridge if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_bridge\nstruct and use it to take the module\u0027s refcount. Modify the function for\nregistering a bridge to take an additional owner module parameter and\nrename it to avoid conflicts. Use the old function name for a helper macro\nthat automatically sets the module that registers the bridge as the owner.\nThis ensures compatibility with existing low-level control modules and\nreduces the chances of registering a bridge without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga bridge.\n\nOther changes: opportunistically move put_device() from __fpga_bridge_get()\nto fpga_bridge_get() and of_fpga_bridge_get() to improve code clarity since\nthe bridge device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36479",
"url": "https://www.suse.com/security/cve/CVE-2024-36479"
},
{
"category": "external",
"summary": "SUSE Bug 1226949 for CVE-2024-36479",
"url": "https://bugzilla.suse.com/1226949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36479"
},
{
"cve": "CVE-2024-36592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36592"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36592",
"url": "https://www.suse.com/security/cve/CVE-2024-36592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-36592"
},
{
"cve": "CVE-2024-36880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: add missing firmware sanity checks\n\nAdd the missing sanity checks when parsing the firmware files before\ndownloading them to avoid accessing and corrupting memory beyond the\nvmalloced buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36880",
"url": "https://www.suse.com/security/cve/CVE-2024-36880"
},
{
"category": "external",
"summary": "SUSE Bug 1225722 for CVE-2024-36880",
"url": "https://bugzilla.suse.com/1225722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36880"
},
{
"cve": "CVE-2024-36894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete\n\nFFS based applications can utilize the aio_cancel() callback to dequeue\npending USB requests submitted to the UDC. There is a scenario where the\nFFS application issues an AIO cancel call, while the UDC is handling a\nsoft disconnect. For a DWC3 based implementation, the callstack looks\nlike the following:\n\n DWC3 Gadget FFS Application\ndwc3_gadget_soft_disconnect() ...\n --\u003e dwc3_stop_active_transfers()\n --\u003e dwc3_gadget_giveback(-ESHUTDOWN)\n --\u003e ffs_epfile_async_io_complete() ffs_aio_cancel()\n --\u003e usb_ep_free_request() --\u003e usb_ep_dequeue()\n\nThere is currently no locking implemented between the AIO completion\nhandler and AIO cancel, so the issue occurs if the completion routine is\nrunning in parallel to an AIO cancel call coming from the FFS application.\nAs the completion call frees the USB request (io_data-\u003ereq) the FFS\napplication is also referencing it for the usb_ep_dequeue() call. This can\nlead to accessing a stale/hanging pointer.\n\ncommit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus consistently\")\nrelocated the usb_ep_free_request() into ffs_epfile_async_io_complete().\nHowever, in order to properly implement locking to mitigate this issue, the\nspinlock can\u0027t be added to ffs_epfile_async_io_complete(), as\nusb_ep_dequeue() (if successfully dequeuing a USB request) will call the\nfunction driver\u0027s completion handler in the same context. Hence, leading\ninto a deadlock.\n\nFix this issue by moving the usb_ep_free_request() back to\nffs_user_copy_worker(), and ensuring that it explicitly sets io_data-\u003ereq\nto NULL after freeing it within the ffs-\u003eeps_lock. This resolves the race\ncondition above, as the ffs_aio_cancel() routine will not continue\nattempting to dequeue a request that has already been freed, or the\nffs_user_copy_work() not freeing the USB request until the AIO cancel is\ndone referencing it.\n\nThis fix depends on\n commit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus\n consistently\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36894",
"url": "https://www.suse.com/security/cve/CVE-2024-36894"
},
{
"category": "external",
"summary": "SUSE Bug 1225749 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "external",
"summary": "SUSE Bug 1226139 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1226139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: fix nfc_llcp_setsockopt() unsafe copies\n\nsyzbot reported unsafe calls to copy_from_sockptr() [1]\n\nUse copy_safe_from_sockptr() instead.\n\n[1]\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\nRead of size 4 at addr ffff88801caa1ec3 by task syz-executor459/5078\n\nCPU: 0 PID: 5078 Comm: syz-executor459 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\n do_sock_setsockopt+0x3b1/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfd/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7f7fac07fd89\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff660eb788 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f7fac07fd89\nRDX: 0000000000000000 RSI: 0000000000000118 RDI: 0000000000000004\nRBP: 0000000000000000 R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020000a80 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36915",
"url": "https://www.suse.com/security/cve/CVE-2024-36915"
},
{
"category": "external",
"summary": "SUSE Bug 1225758 for CVE-2024-36915",
"url": "https://bugzilla.suse.com/1225758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36915"
},
{
"cve": "CVE-2024-36917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of \u0027start + len\u0027 in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36917",
"url": "https://www.suse.com/security/cve/CVE-2024-36917"
},
{
"category": "external",
"summary": "SUSE Bug 1225770 for CVE-2024-36917",
"url": "https://bugzilla.suse.com/1225770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36917"
},
{
"cve": "CVE-2024-36919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload\n\nThe session resources are used by FW and driver when session is offloaded,\nonce session is uploaded these resources are not used. The lock is not\nrequired as these fields won\u0027t be used any longer. The offload and upload\ncalls are sequential, hence lock is not required.\n\nThis will suppress following BUG_ON():\n\n[ 449.843143] ------------[ cut here ]------------\n[ 449.848302] kernel BUG at mm/vmalloc.c:2727!\n[ 449.853072] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 449.858712] CPU: 5 PID: 1996 Comm: kworker/u24:2 Not tainted 5.14.0-118.el9.x86_64 #1\nRebooting.\n[ 449.867454] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.3.4 11/08/2016\n[ 449.876966] Workqueue: fc_rport_eq fc_rport_work [libfc]\n[ 449.882910] RIP: 0010:vunmap+0x2e/0x30\n[ 449.887098] Code: 00 65 8b 05 14 a2 f0 4a a9 00 ff ff 00 75 1b 55 48 89 fd e8 34 36 79 00 48 85 ed 74 0b 48 89 ef 31 f6 5d e9 14 fc ff ff 5d c3 \u003c0f\u003e 0b 0f 1f 44 00 00 41 57 41 56 49 89 ce 41 55 49 89 fd 41 54 41\n[ 449.908054] RSP: 0018:ffffb83d878b3d68 EFLAGS: 00010206\n[ 449.913887] RAX: 0000000080000201 RBX: ffff8f4355133550 RCX: 000000000d400005\n[ 449.921843] RDX: 0000000000000001 RSI: 0000000000001000 RDI: ffffb83da53f5000\n[ 449.929808] RBP: ffff8f4ac6675800 R08: ffffb83d878b3d30 R09: 00000000000efbdf\n[ 449.937774] R10: 0000000000000003 R11: ffff8f434573e000 R12: 0000000000001000\n[ 449.945736] R13: 0000000000001000 R14: ffffb83da53f5000 R15: ffff8f43d4ea3ae0\n[ 449.953701] FS: 0000000000000000(0000) GS:ffff8f529fc80000(0000) knlGS:0000000000000000\n[ 449.962732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 449.969138] CR2: 00007f8cf993e150 CR3: 0000000efbe10003 CR4: 00000000003706e0\n[ 449.977102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 449.985065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 449.993028] Call Trace:\n[ 449.995756] __iommu_dma_free+0x96/0x100\n[ 450.000139] bnx2fc_free_session_resc+0x67/0x240 [bnx2fc]\n[ 450.006171] bnx2fc_upload_session+0xce/0x100 [bnx2fc]\n[ 450.011910] bnx2fc_rport_event_handler+0x9f/0x240 [bnx2fc]\n[ 450.018136] fc_rport_work+0x103/0x5b0 [libfc]\n[ 450.023103] process_one_work+0x1e8/0x3c0\n[ 450.027581] worker_thread+0x50/0x3b0\n[ 450.031669] ? rescuer_thread+0x370/0x370\n[ 450.036143] kthread+0x149/0x170\n[ 450.039744] ? set_kthread_struct+0x40/0x40\n[ 450.044411] ret_from_fork+0x22/0x30\n[ 450.048404] Modules linked in: vfat msdos fat xfs nfs_layout_nfsv41_files rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver dm_service_time qedf qed crc8 bnx2fc libfcoe libfc scsi_transport_fc intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp dcdbas rapl intel_cstate intel_uncore mei_me pcspkr mei ipmi_ssif lpc_ich ipmi_si fuse zram ext4 mbcache jbd2 loop nfsv3 nfs_acl nfs lockd grace fscache netfs irdma ice sd_mod t10_pi sg ib_uverbs ib_core 8021q garp mrp stp llc mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt mxm_wmi fb_sys_fops cec crct10dif_pclmul ahci crc32_pclmul bnx2x drm ghash_clmulni_intel libahci rfkill i40e libata megaraid_sas mdio wmi sunrpc lrw dm_crypt dm_round_robin dm_multipath dm_snapshot dm_bufio dm_mirror dm_region_hash dm_log dm_zero dm_mod linear raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx raid6_pq libcrc32c crc32c_intel raid1 raid0 iscsi_ibft squashfs be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls\n[ 450.048497] libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi edd ipmi_devintf ipmi_msghandler\n[ 450.159753] ---[ end trace 712de2c57c64abc8 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36919",
"url": "https://www.suse.com/security/cve/CVE-2024-36919"
},
{
"category": "external",
"summary": "SUSE Bug 1225767 for CVE-2024-36919",
"url": "https://bugzilla.suse.com/1225767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36919"
},
{
"cve": "CVE-2024-36923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix uninitialized values during inode evict\n\nIf an iget fails due to not being able to retrieve information\nfrom the server then the inode structure is only partially\ninitialized. When the inode gets evicted, references to\nuninitialized structures (like fscache cookies) were being\nmade.\n\nThis patch checks for a bad_inode before doing anything other\nthan clearing the inode from the cache. Since the inode is\nbad, it shouldn\u0027t have any state associated with it that needs\nto be written back (and there really isn\u0027t a way to complete\nthose anyways).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36923",
"url": "https://www.suse.com/security/cve/CVE-2024-36923"
},
{
"category": "external",
"summary": "SUSE Bug 1225815 for CVE-2024-36923",
"url": "https://bugzilla.suse.com/1225815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36923"
},
{
"cve": "CVE-2024-36934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36934",
"url": "https://www.suse.com/security/cve/CVE-2024-36934"
},
{
"category": "external",
"summary": "SUSE Bug 1225760 for CVE-2024-36934",
"url": "https://bugzilla.suse.com/1225760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36934"
},
{
"cve": "CVE-2024-36938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue\n\nFix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which\nsyzbot reported [1].\n\n[1]\nBUG: KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue\n\nwrite to 0xffff88814b3278b8 of 8 bytes by task 10724 on cpu 1:\n sk_psock_stop_verdict net/core/skmsg.c:1257 [inline]\n sk_psock_drop+0x13e/0x1f0 net/core/skmsg.c:843\n sk_psock_put include/linux/skmsg.h:459 [inline]\n sock_map_close+0x1a7/0x260 net/core/sock_map.c:1648\n unix_release+0x4b/0x80 net/unix/af_unix.c:1048\n __sock_release net/socket.c:659 [inline]\n sock_close+0x68/0x150 net/socket.c:1421\n __fput+0x2c1/0x660 fs/file_table.c:422\n __fput_sync+0x44/0x60 fs/file_table.c:507\n __do_sys_close fs/open.c:1556 [inline]\n __se_sys_close+0x101/0x1b0 fs/open.c:1541\n __x64_sys_close+0x1f/0x30 fs/open.c:1541\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff88814b3278b8 of 8 bytes by task 10713 on cpu 0:\n sk_psock_data_ready include/linux/skmsg.h:464 [inline]\n sk_psock_skb_ingress_enqueue+0x32d/0x390 net/core/skmsg.c:555\n sk_psock_skb_ingress_self+0x185/0x1e0 net/core/skmsg.c:606\n sk_psock_verdict_apply net/core/skmsg.c:1008 [inline]\n sk_psock_verdict_recv+0x3e4/0x4a0 net/core/skmsg.c:1202\n unix_read_skb net/unix/af_unix.c:2546 [inline]\n unix_stream_read_skb+0x9e/0xf0 net/unix/af_unix.c:2682\n sk_psock_verdict_data_ready+0x77/0x220 net/core/skmsg.c:1223\n unix_stream_sendmsg+0x527/0x860 net/unix/af_unix.c:2339\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x140/0x180 net/socket.c:745\n ____sys_sendmsg+0x312/0x410 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x1e9/0x280 net/socket.c:2667\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x46/0x50 net/socket.c:2674\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nvalue changed: 0xffffffff83d7feb0 -\u003e 0x0000000000000000\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 10713 Comm: syz-executor.4 Tainted: G W 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\n\nPrior to this, commit 4cd12c6065df (\"bpf, sockmap: Fix NULL pointer\ndereference in sk_psock_verdict_data_ready()\") fixed one NULL pointer\nsimilarly due to no protection of saved_data_ready. Here is another\ndifferent caller causing the same issue because of the same reason. So\nwe should protect it with sk_callback_lock read lock because the writer\nside in the sk_psock_drop() uses \"write_lock_bh(\u0026sk-\u003esk_callback_lock);\".\n\nTo avoid errors that could happen in future, I move those two pairs of\nlock into the sk_psock_data_ready(), which is suggested by John Fastabend.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36938",
"url": "https://www.suse.com/security/cve/CVE-2024-36938"
},
{
"category": "external",
"summary": "SUSE Bug 1225761 for CVE-2024-36938",
"url": "https://bugzilla.suse.com/1225761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36938"
},
{
"cve": "CVE-2024-36940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36940",
"url": "https://www.suse.com/security/cve/CVE-2024-36940"
},
{
"category": "external",
"summary": "SUSE Bug 1225840 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "external",
"summary": "SUSE Bug 1225841 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36949",
"url": "https://www.suse.com/security/cve/CVE-2024-36949"
},
{
"category": "external",
"summary": "SUSE Bug 1225894 for CVE-2024-36949",
"url": "https://bugzilla.suse.com/1225894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36949"
},
{
"cve": "CVE-2024-36950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can\u0027t clear the bus\nreset event flag in irq_handler, because we won\u0027t service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won\u0027t be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36950",
"url": "https://www.suse.com/security/cve/CVE-2024-36950"
},
{
"category": "external",
"summary": "SUSE Bug 1225895 for CVE-2024-36950",
"url": "https://bugzilla.suse.com/1225895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36950"
},
{
"cve": "CVE-2024-36960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat\u0027s actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36960",
"url": "https://www.suse.com/security/cve/CVE-2024-36960"
},
{
"category": "external",
"summary": "SUSE Bug 1225872 for CVE-2024-36960",
"url": "https://bugzilla.suse.com/1225872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-36960"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-37021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: manager: add owner module and take its refcount\n\nThe current implementation of the fpga manager assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the manager if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_manager\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering the manager to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the manager as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a manager without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga manager.\n\nOther changes: opportunistically move put_device() from __fpga_mgr_get() to\nfpga_mgr_get() and of_fpga_mgr_get() to improve code clarity since the\nmanager device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37021",
"url": "https://www.suse.com/security/cve/CVE-2024-37021"
},
{
"category": "external",
"summary": "SUSE Bug 1226950 for CVE-2024-37021",
"url": "https://bugzilla.suse.com/1226950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-37021"
},
{
"cve": "CVE-2024-37354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix crash on racing fsync and size-extending write into prealloc\n\nWe have been seeing crashes on duplicate keys in\nbtrfs_set_item_key_safe():\n\n BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192)\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/ctree.c:2620!\n invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 PID: 3139 Comm: xfs_io Kdump: loaded Not tainted 6.9.0 #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:btrfs_set_item_key_safe+0x11f/0x290 [btrfs]\n\nWith the following stack trace:\n\n #0 btrfs_set_item_key_safe (fs/btrfs/ctree.c:2620:4)\n #1 btrfs_drop_extents (fs/btrfs/file.c:411:4)\n #2 log_one_extent (fs/btrfs/tree-log.c:4732:9)\n #3 btrfs_log_changed_extents (fs/btrfs/tree-log.c:4955:9)\n #4 btrfs_log_inode (fs/btrfs/tree-log.c:6626:9)\n #5 btrfs_log_inode_parent (fs/btrfs/tree-log.c:7070:8)\n #6 btrfs_log_dentry_safe (fs/btrfs/tree-log.c:7171:8)\n #7 btrfs_sync_file (fs/btrfs/file.c:1933:8)\n #8 vfs_fsync_range (fs/sync.c:188:9)\n #9 vfs_fsync (fs/sync.c:202:9)\n #10 do_fsync (fs/sync.c:212:9)\n #11 __do_sys_fdatasync (fs/sync.c:225:9)\n #12 __se_sys_fdatasync (fs/sync.c:223:1)\n #13 __x64_sys_fdatasync (fs/sync.c:223:1)\n #14 do_syscall_x64 (arch/x86/entry/common.c:52:14)\n #15 do_syscall_64 (arch/x86/entry/common.c:83:7)\n #16 entry_SYSCALL_64+0xaf/0x14c (arch/x86/entry/entry_64.S:121)\n\nSo we\u0027re logging a changed extent from fsync, which is splitting an\nextent in the log tree. But this split part already exists in the tree,\ntriggering the BUG().\n\nThis is the state of the log tree at the time of the crash, dumped with\ndrgn (https://github.com/osandov/drgn/blob/main/contrib/btrfs_tree.py)\nto get more details than btrfs_print_leaf() gives us:\n\n \u003e\u003e\u003e print_extent_buffer(prog.crashed_thread().stack_trace()[0][\"eb\"])\n leaf 33439744 level 0 items 72 generation 9 owner 18446744073709551610\n leaf 33439744 flags 0x100000000000000\n fs uuid e5bd3946-400c-4223-8923-190ef1f18677\n chunk uuid d58cb17e-6d02-494a-829a-18b7d8a399da\n item 0 key (450 INODE_ITEM 0) itemoff 16123 itemsize 160\n generation 7 transid 9 size 8192 nbytes 8473563889606862198\n block group 0 mode 100600 links 1 uid 0 gid 0 rdev 0\n sequence 204 flags 0x10(PREALLOC)\n atime 1716417703.220000000 (2024-05-22 15:41:43)\n ctime 1716417704.983333333 (2024-05-22 15:41:44)\n mtime 1716417704.983333333 (2024-05-22 15:41:44)\n otime 17592186044416.000000000 (559444-03-08 01:40:16)\n item 1 key (450 INODE_REF 256) itemoff 16110 itemsize 13\n index 195 namelen 3 name: 193\n item 2 key (450 XATTR_ITEM 1640047104) itemoff 16073 itemsize 37\n location key (0 UNKNOWN.0 0) type XATTR\n transid 7 data_len 1 name_len 6\n name: user.a\n data a\n item 3 key (450 EXTENT_DATA 0) itemoff 16020 itemsize 53\n generation 9 type 1 (regular)\n extent data disk byte 303144960 nr 12288\n extent data offset 0 nr 4096 ram 12288\n extent compression 0 (none)\n item 4 key (450 EXTENT_DATA 4096) itemoff 15967 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 4096 nr 8192\n item 5 key (450 EXTENT_DATA 8192) itemoff 15914 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 8192 nr 4096\n ...\n\nSo the real problem happened earlier: notice that items 4 (4k-12k) and 5\n(8k-12k) overlap. Both are prealloc extents. Item 4 straddles i_size and\nitem 5 starts at i_size.\n\nHere is the state of \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37354",
"url": "https://www.suse.com/security/cve/CVE-2024-37354"
},
{
"category": "external",
"summary": "SUSE Bug 1227101 for CVE-2024-37354",
"url": "https://bugzilla.suse.com/1227101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-37354"
},
{
"cve": "CVE-2024-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\n\nIn rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the\nresp_pkts queue and then a decision is made whether to run the completer\ntask inline or schedule it. Finally the skb is dereferenced to bump a \u0027hw\u0027\nperformance counter. This is wrong because if the completer task is\nalready running in a separate thread it may have already processed the skb\nand freed it which can cause a seg fault. This has been observed\ninfrequently in testing at high scale.\n\nThis patch fixes this by changing the order of enqueuing the packet until\nafter the counter is accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38544",
"url": "https://www.suse.com/security/cve/CVE-2024-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1226597 for CVE-2024-38544",
"url": "https://bugzilla.suse.com/1226597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38544"
},
{
"cve": "CVE-2024-38545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix UAF for cq async event\n\nThe refcount of CQ is not protected by locks. When CQ asynchronous\nevents and CQ destruction are concurrent, CQ may have been released,\nwhich will cause UAF.\n\nUse the xa_lock() to protect the CQ refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38545",
"url": "https://www.suse.com/security/cve/CVE-2024-38545"
},
{
"category": "external",
"summary": "SUSE Bug 1226595 for CVE-2024-38545",
"url": "https://bugzilla.suse.com/1226595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38545"
},
{
"cve": "CVE-2024-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38546",
"url": "https://www.suse.com/security/cve/CVE-2024-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1226593 for CVE-2024-38546",
"url": "https://bugzilla.suse.com/1226593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38546"
},
{
"cve": "CVE-2024-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add 0 size check to mtk_drm_gem_obj\n\nAdd a check to mtk_drm_gem_init if we attempt to allocate a GEM object\nof 0 bytes. Currently, no such check exists and the kernel will panic if\na userspace application attempts to allocate a 0x0 GBM buffer.\n\nTested by attempting to allocate a 0x0 GBM buffer on an MT8188 and\nverifying that we now return EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38549",
"url": "https://www.suse.com/security/cve/CVE-2024-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1226735 for CVE-2024-38549",
"url": "https://bugzilla.suse.com/1226735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38549"
},
{
"cve": "CVE-2024-38552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential index out of bounds in color transformation function\n\nFixes index out of bounds issue in the color transformation function.\nThe issue could occur when the index \u0027i\u0027 exceeds the number of transfer\nfunction points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds, an error message is\nlogged and the function returns false to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:405 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:406 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:407 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38552",
"url": "https://www.suse.com/security/cve/CVE-2024-38552"
},
{
"category": "external",
"summary": "SUSE Bug 1226767 for CVE-2024-38552",
"url": "https://bugzilla.suse.com/1226767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38553",
"url": "https://www.suse.com/security/cve/CVE-2024-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1226744 for CVE-2024-38553",
"url": "https://bugzilla.suse.com/1226744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38553"
},
{
"cve": "CVE-2024-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ar5523: enable proper endpoint verification\n\nSyzkaller reports [1] hitting a warning about an endpoint in use\nnot having an expected type to it.\n\nFix the issue by checking for the existence of all proper\nendpoints with their according types intact.\n\nSadly, this patch has not been tested on real hardware.\n\n[1] Syzkaller report:\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 3643 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n ar5523_cmd+0x41b/0x780 drivers/net/wireless/ath/ar5523/ar5523.c:275\n ar5523_cmd_read drivers/net/wireless/ath/ar5523/ar5523.c:302 [inline]\n ar5523_host_available drivers/net/wireless/ath/ar5523/ar5523.c:1376 [inline]\n ar5523_probe+0x14b0/0x1d10 drivers/net/wireless/ath/ar5523/ar5523.c:1655\n usb_probe_interface+0x30f/0x7f0 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_set_configuration+0x101d/0x1900 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0xbe/0x100 drivers/usb/core/generic.c:238\n usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573\n hub_port_connect drivers/usb/core/hub.c:5353 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]\n port_event drivers/usb/core/hub.c:5653 [inline]\n hub_event+0x26cb/0x45d0 drivers/usb/core/hub.c:5735\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38565",
"url": "https://www.suse.com/security/cve/CVE-2024-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1226747 for CVE-2024-38565",
"url": "https://bugzilla.suse.com/1226747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38567"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: add a proper sanity check for endpoints\n\nSyzkaller reports [1] hitting a warning which is caused by presence\nof a wrong endpoint type at the URB sumbitting stage. While there\nwas a check for a specific 4th endpoint, since it can switch types\nbetween bulk and interrupt, other endpoints are trusted implicitly.\nSimilar warning is triggered in a couple of other syzbot issues [2].\n\nFix the issue by doing a comprehensive check of all endpoints\ntaking into account difference between high- and full-speed\nconfiguration.\n\n[1] Syzkaller report:\n...\nWARNING: CPU: 0 PID: 4721 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n carl9170_usb_send_rx_irq_urb+0x273/0x340 drivers/net/wireless/ath/carl9170/usb.c:504\n carl9170_usb_init_device drivers/net/wireless/ath/carl9170/usb.c:939 [inline]\n carl9170_usb_firmware_finish drivers/net/wireless/ath/carl9170/usb.c:999 [inline]\n carl9170_usb_firmware_step2+0x175/0x240 drivers/net/wireless/ath/carl9170/usb.c:1028\n request_firmware_work_func+0x130/0x240 drivers/base/firmware_loader/main.c:1107\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n \u003c/TASK\u003e\n\n[2] Related syzkaller crashes:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38567",
"url": "https://www.suse.com/security/cve/CVE-2024-38567"
},
{
"category": "external",
"summary": "SUSE Bug 1226769 for CVE-2024-38567",
"url": "https://bugzilla.suse.com/1226769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n \u003c/TASK\u003e\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38578",
"url": "https://www.suse.com/security/cve/CVE-2024-38578"
},
{
"category": "external",
"summary": "SUSE Bug 1226634 for CVE-2024-38578",
"url": "https://bugzilla.suse.com/1226634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38579",
"url": "https://www.suse.com/security/cve/CVE-2024-38579"
},
{
"category": "external",
"summary": "SUSE Bug 1226637 for CVE-2024-38579",
"url": "https://bugzilla.suse.com/1226637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nepoll: be better about file lifetimes\n\nepoll can call out to vfs_poll() with a file pointer that may race with\nthe last \u0027fput()\u0027. That would make f_count go down to zero, and while\nthe ep-\u003emtx locking means that the resulting file pointer tear-down will\nbe blocked until the poll returns, it means that f_count is already\ndead, and any use of it won\u0027t actually get a reference to the file any\nmore: it\u0027s dead regardless.\n\nMake sure we have a valid ref on the file pointer before we call down to\nvfs_poll() from the epoll routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38580",
"url": "https://www.suse.com/security/cve/CVE-2024-38580"
},
{
"category": "external",
"summary": "SUSE Bug 1226610 for CVE-2024-38580",
"url": "https://bugzilla.suse.com/1226610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38580"
},
{
"cve": "CVE-2024-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: sungem: remove .ndo_poll_controller to avoid deadlocks\n\nErhard reports netpoll warnings from sungem:\n\n netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)\n WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c\n\ngem_poll_controller() disables interrupts, which may sleep.\nWe can\u0027t sleep in netpoll, it has interrupts disabled completely.\nStrangely, gem_poll_controller() doesn\u0027t even poll the completions,\nand instead acts as if an interrupt has fired so it just schedules\nNAPI and exits. None of this has been necessary for years, since\nnetpoll invokes NAPI directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38597",
"url": "https://www.suse.com/security/cve/CVE-2024-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1226749 for CVE-2024-38597",
"url": "https://bugzilla.suse.com/1226749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38597"
},
{
"cve": "CVE-2024-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix a race between readers and resize checks\n\nThe reader code in rb_get_reader_page() swaps a new reader page into the\nring buffer by doing cmpxchg on old-\u003elist.prev-\u003enext to point it to the\nnew page. Following that, if the operation is successful,\nold-\u003elist.next-\u003eprev gets updated too. This means the underlying\ndoubly-linked list is temporarily inconsistent, page-\u003eprev-\u003enext or\npage-\u003enext-\u003eprev might not be equal back to page for some page in the\nring buffer.\n\nThe resize operation in ring_buffer_resize() can be invoked in parallel.\nIt calls rb_check_pages() which can detect the described inconsistency\nand stop further tracing:\n\n[ 190.271762] ------------[ cut here ]------------\n[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0\n[ 190.271789] Modules linked in: [...]\n[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1\n[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f\n[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014\n[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0\n[ 190.272023] Code: [...]\n[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206\n[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80\n[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700\n[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000\n[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720\n[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000\n[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000\n[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0\n[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 190.272077] Call Trace:\n[ 190.272098] \u003cTASK\u003e\n[ 190.272189] ring_buffer_resize+0x2ab/0x460\n[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0\n[ 190.272206] tracing_resize_ring_buffer+0x65/0x90\n[ 190.272216] tracing_entries_write+0x74/0xc0\n[ 190.272225] vfs_write+0xf5/0x420\n[ 190.272248] ksys_write+0x67/0xe0\n[ 190.272256] do_syscall_64+0x82/0x170\n[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 190.272373] RIP: 0033:0x7f1bd657d263\n[ 190.272381] Code: [...]\n[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263\n[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001\n[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000\n[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500\n[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002\n[ 190.272412] \u003c/TASK\u003e\n[ 190.272414] ---[ end trace 0000000000000000 ]---\n\nNote that ring_buffer_resize() calls rb_check_pages() only if the parent\ntrace_buffer has recording disabled. Recent commit d78ab792705c\n(\"tracing: Stop current tracer when resizing buffer\") causes that it is\nnow always the case which makes it more likely to experience this issue.\n\nThe window to hit this race is nonetheless very small. To help\nreproducing it, one can add a delay loop in rb_get_reader_page():\n\n ret = rb_head_page_replace(reader, cpu_buffer-\u003ereader_page);\n if (!ret)\n \tgoto spin;\n for (unsigned i = 0; i \u003c 1U \u003c\u003c 26; i++) /* inserted delay loop */\n \t__asm__ __volatile__ (\"\" : : : \"memory\");\n rb_list_head(reader-\u003elist.next)-\u003eprev = \u0026cpu_buffer-\u003ereader_page-\u003elist;\n\n.. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38601",
"url": "https://www.suse.com/security/cve/CVE-2024-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1226876 for CVE-2024-38601",
"url": "https://bugzilla.suse.com/1226876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38601"
},
{
"cve": "CVE-2024-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38608",
"url": "https://www.suse.com/security/cve/CVE-2024-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1226746 for CVE-2024-38608",
"url": "https://bugzilla.suse.com/1226746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38608"
},
{
"cve": "CVE-2024-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn\u0027t have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38618",
"url": "https://www.suse.com/security/cve/CVE-2024-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1226754 for CVE-2024-38618",
"url": "https://bugzilla.suse.com/1226754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38618"
},
{
"cve": "CVE-2024-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: fix bounds checking in stk1160_copy_video()\n\nThe subtract in this condition is reversed. The -\u003elength is the length\nof the buffer. The -\u003ebytesused is how many bytes we have copied thus\nfar. When the condition is reversed that means the result of the\nsubtraction is always negative but since it\u0027s unsigned then the result\nis a very high positive value. That means the overflow check is never\ntrue.\n\nAdditionally, the -\u003ebytesused doesn\u0027t actually work for this purpose\nbecause we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the\nmath to calculate the destination where we are writing is a bit\ninvolved. You calculate the number of full lines already written,\nmultiply by two, skip a line if necessary so that we start on an odd\nnumbered line, and add the offset into the line.\n\nTo fix this buffer overflow, just take the actual destination where we\nare writing, if the offset is already out of bounds print an error and\nreturn. Otherwise, write up to buf-\u003elength bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38621",
"url": "https://www.suse.com/security/cve/CVE-2024-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1226895 for CVE-2024-38621",
"url": "https://bugzilla.suse.com/1226895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38621"
},
{
"cve": "CVE-2024-38627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38627"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38627",
"url": "https://www.suse.com/security/cve/CVE-2024-38627"
},
{
"category": "external",
"summary": "SUSE Bug 1226857 for CVE-2024-38627",
"url": "https://bugzilla.suse.com/1226857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38627"
},
{
"cve": "CVE-2024-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38659",
"url": "https://www.suse.com/security/cve/CVE-2024-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1226883 for CVE-2024-38659",
"url": "https://bugzilla.suse.com/1226883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ap: Fix crash in AP internal function modify_bitmap()\n\nA system crash like this\n\n Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403\n Fault in home space mode while using kernel ASCE.\n AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d\n Oops: 0038 ilc:3 [#1] PREEMPT SMP\n Modules linked in: mlx5_ib ...\n CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8\n Hardware name: IBM 3931 A01 704 (LPAR)\n Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3\n 000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0\n 000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff\n 000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8\n Krnl Code: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a\n 0000014b75e7b600: 18b2 lr %r11,%r2\n #0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616\n \u003e0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13)\n 0000014b75e7b60c: a7680001 lhi %r6,1\n 0000014b75e7b610: 187b lr %r7,%r11\n 0000014b75e7b612: 84960021 brxh %r9,%r6,0000014b75e7b654\n 0000014b75e7b616: 18e9 lr %r14,%r9\n Call Trace:\n [\u003c0000014b75e7b606\u003e] ap_parse_bitmap_str+0x10e/0x1f8\n ([\u003c0000014b75e7b5dc\u003e] ap_parse_bitmap_str+0xe4/0x1f8)\n [\u003c0000014b75e7b758\u003e] apmask_store+0x68/0x140\n [\u003c0000014b75679196\u003e] kernfs_fop_write_iter+0x14e/0x1e8\n [\u003c0000014b75598524\u003e] vfs_write+0x1b4/0x448\n [\u003c0000014b7559894c\u003e] ksys_write+0x74/0x100\n [\u003c0000014b7618a440\u003e] __do_syscall+0x268/0x328\n [\u003c0000014b761a3558\u003e] system_call+0x70/0x98\n INFO: lockdep is turned off.\n Last Breaking-Event-Address:\n [\u003c0000014b75e7b636\u003e] ap_parse_bitmap_str+0x13e/0x1f8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\noccured when /sys/bus/ap/a[pq]mask was updated with a relative mask value\n(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.\n\nThe fix is simple: use unsigned long values for the internal variables. The\ncorrect checks are already in place in the function but a simple int for\nthe internal variables was used with the possibility to overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38661",
"url": "https://www.suse.com/security/cve/CVE-2024-38661"
},
{
"category": "external",
"summary": "SUSE Bug 1226996 for CVE-2024-38661",
"url": "https://bugzilla.suse.com/1226996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38661"
},
{
"cve": "CVE-2024-38780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38780",
"url": "https://www.suse.com/security/cve/CVE-2024-38780"
},
{
"category": "external",
"summary": "SUSE Bug 1226886 for CVE-2024-38780",
"url": "https://bugzilla.suse.com/1226886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-base-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-azure-devel-4.12.14-16.191.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-devel-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-source-azure-4.12.14-16.191.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:kernel-syms-azure-4.12.14-16.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-09T14:01:02Z",
"details": "moderate"
}
],
"title": "CVE-2024-38780"
}
]
}
suse-su-2024:2381-1
Vulnerability from csaf_suse
Published
2024-07-10 06:10
Modified
2024-07-10 06:10
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
- CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866).
- CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993).
- CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997).
- CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978).
- CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977).
- CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976).
- CVE-2021-47309: net: validate lwtstate->data before returning from skb_tunnel_info() (bsc#1224967).
- CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140)
- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
- CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306).
- CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337).
- CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232).
- CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261)
- CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372).
- CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).
- CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).
- CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)
- CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)
- CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).
- CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).
- CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).
- CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698)
- CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).
- CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).
- CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).
- CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).
- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
- CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577).
- CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).
- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
- CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177).
- CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).
- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660)
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36592: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1225898).
- CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
- CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).
- CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597)
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).
- CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735)
- CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).
- CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).
- CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
The following non-security bugs were fixed:
- Btrfs: bail out on error during replay_dir_deletes (git-fixes)
- Btrfs: clean up resources during umount after trans is aborted (git-fixes)
- Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes)
- Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes)
- Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes)
- Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)
- Fix compilation
- KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes).
- NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).
- NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791).
- PNFS for stateid errors retry against MDS first (bsc#1221791).
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- Revert 'build initrd without systemd' (bsc#1195775)
- USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
- USB: serial: option: add Quectel EG912Y module support (git-fixes).
- USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203).
- blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203).
- blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).
- bpf, scripts: Correct GPL license name (git-fixes).
- bsc#1225894: Fix build warning Fix the following build warning. * unused-variable (i) in ../drivers/gpu/drm/amd/amdkfd/kfd_device.c in kgd2kfd_resume ../drivers/gpu/drm/amd/amdkfd/kfd_device.c: In function 'kgd2kfd_resume': ../drivers/gpu/drm/amd/amdkfd/kfd_device.c:621:11: warning: unused variable 'i' [-Wunused-variable]
- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes)
- btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)
- btrfs: fix describe_relocation when printing unknown flags (git-fixes)
- btrfs: fix false EIO for missing device (git-fixes)
- btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes)
- btrfs: use correct compare function of dirty_metadata_bytes (git-fixes)
- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
- fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848).
- fs: make fiemap work from compat_ioctl (bsc#1225848).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203).
- mkspec-dtb: add toplevel symlinks also on arm
- net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them.
- scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).
- scsi: 53c700: Check that command slot is not NULL (git-fixes).
- scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
- scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (git-fixes).
- scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).
- scsi: core: Fix possible memory leak if device_add() fails (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).
- scsi: iscsi: Add length check for nlattr payload (git-fixes).
- scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes).
- scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: libsas: Introduce struct smp_disc_resp (git-fixes).
- scsi: lpfc: Correct size for wqe for memset() (git-fixes).
- scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes).
- scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).
- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
- scsi: mpt3sas: Fix in error path (git-fixes).
- scsi: mpt3sas: Fix loop logic (git-fixes).
- scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).
- scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes).
- scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes).
- scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes).
- scsi: qedf: Fix NULL dereference in error handling (git-fixes).
- scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).
- scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).
- scsi: snic: Fix double free in snic_tgt_create() (git-fixes).
- scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).
- scsi: stex: Fix gcc 13 warnings (git-fixes).
- scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- usb: port: Do not try to peer unused USB ports based on location (git-fixes).
- usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
Patchnames
SUSE-2024-2381,SUSE-SLE-RT-12-SP5-2024-2381
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).\n- CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866).\n- CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993).\n- CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997).\n- CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978).\n- CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977).\n- CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976).\n- CVE-2021-47309: net: validate lwtstate-\u003edata before returning from skb_tunnel_info() (bsc#1224967).\n- CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140)\n- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).\n- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).\n- CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306).\n- CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337).\n- CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232).\n- CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261)\n- CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372).\n- CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463).\n- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).\n- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).\n- CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).\n- CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).\n- CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)\n- CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)\n- CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).\n- CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).\n- CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).\n- CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698)\n- CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).\n- CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).\n- CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).\n- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).\n- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).\n- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).\n- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).\n- CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).\n- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).\n- CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).\n- CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).\n- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).\n- CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577).\n- CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).\n- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).\n- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).\n- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).\n- CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).\n- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).\n- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).\n- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).\n- CVE-2024-26679: Fixed read sk-\u003esk_family once in inet_recv_error() (bsc#1222385).\n- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).\n- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).\n- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).\n- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).\n- CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043).\n- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).\n- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).\n- CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177).\n- CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).\n- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).\n- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).\n- CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).\n- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).\n- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).\n- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).\n- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).\n- CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660)\n- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).\n- CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1224703).\n- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)\n- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).\n- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).\n- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).\n- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).\n- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).\n- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).\n- CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642).\n- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).\n- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).\n- CVE-2024-36592: scsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up (bsc#1225898).\n- CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).\n- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).\n- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).\n- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).\n- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).\n- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).\n- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).\n- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).\n- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).\n- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)\n- CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).\n- CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).\n- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).\n- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).\n- CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597)\n- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).\n- CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).\n- CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735)\n- CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)\n- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).\n- CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).\n- CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).\n- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).\n- CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).\n- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).\n- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).\n- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).\n- CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).\n- CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895).\n- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).\n- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).\n- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).\n- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).\n\nThe following non-security bugs were fixed:\n\n- Btrfs: bail out on error during replay_dir_deletes (git-fixes)\n- Btrfs: clean up resources during umount after trans is aborted (git-fixes)\n- Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes)\n- Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes)\n- Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes)\n- Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)\n- Fix compilation\n- KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes).\n- NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).\n- NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791).\n- PNFS for stateid errors retry against MDS first (bsc#1221791).\n- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)\n- Revert \u0027build initrd without systemd\u0027 (bsc#1195775)\n- USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).\n- USB: serial: option: add Quectel EG912Y module support (git-fixes).\n- USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).\n- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).\n- blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203).\n- blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203).\n- blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).\n- bpf, scripts: Correct GPL license name (git-fixes).\n- bsc#1225894: Fix build warning Fix the following build warning. * unused-variable (i) in ../drivers/gpu/drm/amd/amdkfd/kfd_device.c in kgd2kfd_resume ../drivers/gpu/drm/amd/amdkfd/kfd_device.c: In function \u0027kgd2kfd_resume\u0027: ../drivers/gpu/drm/amd/amdkfd/kfd_device.c:621:11: warning: unused variable \u0027i\u0027 [-Wunused-variable]\n- btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes)\n- btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)\n- btrfs: fix describe_relocation when printing unknown flags (git-fixes)\n- btrfs: fix false EIO for missing device (git-fixes)\n- btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes)\n- btrfs: use correct compare function of dirty_metadata_bytes (git-fixes)\n- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)\n- fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848).\n- fs: make fiemap work from compat_ioctl (bsc#1225848).\n- iommu/amd: Fix sysfs leak in iommu init (git-fixes).\n- iommu/vt-d: Allocate local memory for page request queue (git-fixes).\n- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)\n- kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203).\n- mkspec-dtb: add toplevel symlinks also on arm\n- net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).\n- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).\n- nvmet: fix ns enable/disable possible hang (git-fixes).\n- ocfs2: adjust enabling place for la window (bsc#1219224).\n- ocfs2: fix sparse warnings (bsc#1219224).\n- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).\n- ocfs2: speed up chain-list searching (bsc#1219224).\n- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.\n- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.\n- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.\n- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 (\u0027ARM: dts: Move .dts files to vendor sub-directories\u0027). So switch to them.\n- scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).\n- scsi: 53c700: Check that command slot is not NULL (git-fixes).\n- scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).\n- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).\n- scsi: bfa: Fix function pointer type mismatch for hcb_qe-\u003ecbfn (git-fixes).\n- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).\n- scsi: core: Decrease scsi_device\u0027s iorequest_cnt if dispatch failed (git-fixes).\n- scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).\n- scsi: core: Fix possible memory leak if device_add() fails (git-fixes).\n- scsi: csiostor: Avoid function pointer casts (git-fixes).\n- scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).\n- scsi: iscsi: Add length check for nlattr payload (git-fixes).\n- scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes).\n- scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).\n- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).\n- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).\n- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).\n- scsi: libsas: Introduce struct smp_disc_resp (git-fixes).\n- scsi: lpfc: Correct size for wqe for memset() (git-fixes).\n- scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes).\n- scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).\n- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).\n- scsi: mpt3sas: Fix in error path (git-fixes).\n- scsi: mpt3sas: Fix loop logic (git-fixes).\n- scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).\n- scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes).\n- scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes).\n- scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes).\n- scsi: qedf: Fix NULL dereference in error handling (git-fixes).\n- scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).\n- scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).\n- scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).\n- scsi: snic: Fix double free in snic_tgt_create() (git-fixes).\n- scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).\n- scsi: stex: Fix gcc 13 warnings (git-fixes).\n- scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).\n- usb: port: Do not try to peer unused USB ports based on location (git-fixes).\n- usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).\n- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2381,SUSE-SLE-RT-12-SP5-2024-2381",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2381-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2381-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242381-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2381-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-July/035895.html"
},
{
"category": "self",
"summary": "SUSE Bug 1119113",
"url": "https://bugzilla.suse.com/1119113"
},
{
"category": "self",
"summary": "SUSE Bug 1191958",
"url": "https://bugzilla.suse.com/1191958"
},
{
"category": "self",
"summary": "SUSE Bug 1195065",
"url": "https://bugzilla.suse.com/1195065"
},
{
"category": "self",
"summary": "SUSE Bug 1195254",
"url": "https://bugzilla.suse.com/1195254"
},
{
"category": "self",
"summary": "SUSE Bug 1195775",
"url": "https://bugzilla.suse.com/1195775"
},
{
"category": "self",
"summary": "SUSE Bug 1204514",
"url": "https://bugzilla.suse.com/1204514"
},
{
"category": "self",
"summary": "SUSE Bug 1216062",
"url": "https://bugzilla.suse.com/1216062"
},
{
"category": "self",
"summary": "SUSE Bug 1217912",
"url": "https://bugzilla.suse.com/1217912"
},
{
"category": "self",
"summary": "SUSE Bug 1218148",
"url": "https://bugzilla.suse.com/1218148"
},
{
"category": "self",
"summary": "SUSE Bug 1219224",
"url": "https://bugzilla.suse.com/1219224"
},
{
"category": "self",
"summary": "SUSE Bug 1221010",
"url": "https://bugzilla.suse.com/1221010"
},
{
"category": "self",
"summary": "SUSE Bug 1221647",
"url": "https://bugzilla.suse.com/1221647"
},
{
"category": "self",
"summary": "SUSE Bug 1221654",
"url": "https://bugzilla.suse.com/1221654"
},
{
"category": "self",
"summary": "SUSE Bug 1221791",
"url": "https://bugzilla.suse.com/1221791"
},
{
"category": "self",
"summary": "SUSE Bug 1221958",
"url": "https://bugzilla.suse.com/1221958"
},
{
"category": "self",
"summary": "SUSE Bug 1222015",
"url": "https://bugzilla.suse.com/1222015"
},
{
"category": "self",
"summary": "SUSE Bug 1222080",
"url": "https://bugzilla.suse.com/1222080"
},
{
"category": "self",
"summary": "SUSE Bug 1222364",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "self",
"summary": "SUSE Bug 1222385",
"url": "https://bugzilla.suse.com/1222385"
},
{
"category": "self",
"summary": "SUSE Bug 1222435",
"url": "https://bugzilla.suse.com/1222435"
},
{
"category": "self",
"summary": "SUSE Bug 1222809",
"url": "https://bugzilla.suse.com/1222809"
},
{
"category": "self",
"summary": "SUSE Bug 1222866",
"url": "https://bugzilla.suse.com/1222866"
},
{
"category": "self",
"summary": "SUSE Bug 1222879",
"url": "https://bugzilla.suse.com/1222879"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1223013",
"url": "https://bugzilla.suse.com/1223013"
},
{
"category": "self",
"summary": "SUSE Bug 1223018",
"url": "https://bugzilla.suse.com/1223018"
},
{
"category": "self",
"summary": "SUSE Bug 1223021",
"url": "https://bugzilla.suse.com/1223021"
},
{
"category": "self",
"summary": "SUSE Bug 1223043",
"url": "https://bugzilla.suse.com/1223043"
},
{
"category": "self",
"summary": "SUSE Bug 1223532",
"url": "https://bugzilla.suse.com/1223532"
},
{
"category": "self",
"summary": "SUSE Bug 1223641",
"url": "https://bugzilla.suse.com/1223641"
},
{
"category": "self",
"summary": "SUSE Bug 1224177",
"url": "https://bugzilla.suse.com/1224177"
},
{
"category": "self",
"summary": "SUSE Bug 1224432",
"url": "https://bugzilla.suse.com/1224432"
},
{
"category": "self",
"summary": "SUSE Bug 1224504",
"url": "https://bugzilla.suse.com/1224504"
},
{
"category": "self",
"summary": "SUSE Bug 1224549",
"url": "https://bugzilla.suse.com/1224549"
},
{
"category": "self",
"summary": "SUSE Bug 1224552",
"url": "https://bugzilla.suse.com/1224552"
},
{
"category": "self",
"summary": "SUSE Bug 1224572",
"url": "https://bugzilla.suse.com/1224572"
},
{
"category": "self",
"summary": "SUSE Bug 1224575",
"url": "https://bugzilla.suse.com/1224575"
},
{
"category": "self",
"summary": "SUSE Bug 1224583",
"url": "https://bugzilla.suse.com/1224583"
},
{
"category": "self",
"summary": "SUSE Bug 1224588",
"url": "https://bugzilla.suse.com/1224588"
},
{
"category": "self",
"summary": "SUSE Bug 1224605",
"url": "https://bugzilla.suse.com/1224605"
},
{
"category": "self",
"summary": "SUSE Bug 1224651",
"url": "https://bugzilla.suse.com/1224651"
},
{
"category": "self",
"summary": "SUSE Bug 1224660",
"url": "https://bugzilla.suse.com/1224660"
},
{
"category": "self",
"summary": "SUSE Bug 1224661",
"url": "https://bugzilla.suse.com/1224661"
},
{
"category": "self",
"summary": "SUSE Bug 1224662",
"url": "https://bugzilla.suse.com/1224662"
},
{
"category": "self",
"summary": "SUSE Bug 1224664",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "self",
"summary": "SUSE Bug 1224668",
"url": "https://bugzilla.suse.com/1224668"
},
{
"category": "self",
"summary": "SUSE Bug 1224670",
"url": "https://bugzilla.suse.com/1224670"
},
{
"category": "self",
"summary": "SUSE Bug 1224672",
"url": "https://bugzilla.suse.com/1224672"
},
{
"category": "self",
"summary": "SUSE Bug 1224674",
"url": "https://bugzilla.suse.com/1224674"
},
{
"category": "self",
"summary": "SUSE Bug 1224677",
"url": "https://bugzilla.suse.com/1224677"
},
{
"category": "self",
"summary": "SUSE Bug 1224678",
"url": "https://bugzilla.suse.com/1224678"
},
{
"category": "self",
"summary": "SUSE Bug 1224703",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "self",
"summary": "SUSE Bug 1224735",
"url": "https://bugzilla.suse.com/1224735"
},
{
"category": "self",
"summary": "SUSE Bug 1224739",
"url": "https://bugzilla.suse.com/1224739"
},
{
"category": "self",
"summary": "SUSE Bug 1224763",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "self",
"summary": "SUSE Bug 1224764",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "self",
"summary": "SUSE Bug 1224765",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "self",
"summary": "SUSE Bug 1224946",
"url": "https://bugzilla.suse.com/1224946"
},
{
"category": "self",
"summary": "SUSE Bug 1224951",
"url": "https://bugzilla.suse.com/1224951"
},
{
"category": "self",
"summary": "SUSE Bug 1224967",
"url": "https://bugzilla.suse.com/1224967"
},
{
"category": "self",
"summary": "SUSE Bug 1224976",
"url": "https://bugzilla.suse.com/1224976"
},
{
"category": "self",
"summary": "SUSE Bug 1224977",
"url": "https://bugzilla.suse.com/1224977"
},
{
"category": "self",
"summary": "SUSE Bug 1224978",
"url": "https://bugzilla.suse.com/1224978"
},
{
"category": "self",
"summary": "SUSE Bug 1224993",
"url": "https://bugzilla.suse.com/1224993"
},
{
"category": "self",
"summary": "SUSE Bug 1224997",
"url": "https://bugzilla.suse.com/1224997"
},
{
"category": "self",
"summary": "SUSE Bug 1225047",
"url": "https://bugzilla.suse.com/1225047"
},
{
"category": "self",
"summary": "SUSE Bug 1225140",
"url": "https://bugzilla.suse.com/1225140"
},
{
"category": "self",
"summary": "SUSE Bug 1225184",
"url": "https://bugzilla.suse.com/1225184"
},
{
"category": "self",
"summary": "SUSE Bug 1225203",
"url": "https://bugzilla.suse.com/1225203"
},
{
"category": "self",
"summary": "SUSE Bug 1225232",
"url": "https://bugzilla.suse.com/1225232"
},
{
"category": "self",
"summary": "SUSE Bug 1225261",
"url": "https://bugzilla.suse.com/1225261"
},
{
"category": "self",
"summary": "SUSE Bug 1225306",
"url": "https://bugzilla.suse.com/1225306"
},
{
"category": "self",
"summary": "SUSE Bug 1225337",
"url": "https://bugzilla.suse.com/1225337"
},
{
"category": "self",
"summary": "SUSE Bug 1225372",
"url": "https://bugzilla.suse.com/1225372"
},
{
"category": "self",
"summary": "SUSE Bug 1225463",
"url": "https://bugzilla.suse.com/1225463"
},
{
"category": "self",
"summary": "SUSE Bug 1225484",
"url": "https://bugzilla.suse.com/1225484"
},
{
"category": "self",
"summary": "SUSE Bug 1225487",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "self",
"summary": "SUSE Bug 1225490",
"url": "https://bugzilla.suse.com/1225490"
},
{
"category": "self",
"summary": "SUSE Bug 1225514",
"url": "https://bugzilla.suse.com/1225514"
},
{
"category": "self",
"summary": "SUSE Bug 1225518",
"url": "https://bugzilla.suse.com/1225518"
},
{
"category": "self",
"summary": "SUSE Bug 1225548",
"url": "https://bugzilla.suse.com/1225548"
},
{
"category": "self",
"summary": "SUSE Bug 1225555",
"url": "https://bugzilla.suse.com/1225555"
},
{
"category": "self",
"summary": "SUSE Bug 1225556",
"url": "https://bugzilla.suse.com/1225556"
},
{
"category": "self",
"summary": "SUSE Bug 1225559",
"url": "https://bugzilla.suse.com/1225559"
},
{
"category": "self",
"summary": "SUSE Bug 1225571",
"url": "https://bugzilla.suse.com/1225571"
},
{
"category": "self",
"summary": "SUSE Bug 1225573",
"url": "https://bugzilla.suse.com/1225573"
},
{
"category": "self",
"summary": "SUSE Bug 1225577",
"url": "https://bugzilla.suse.com/1225577"
},
{
"category": "self",
"summary": "SUSE Bug 1225583",
"url": "https://bugzilla.suse.com/1225583"
},
{
"category": "self",
"summary": "SUSE Bug 1225585",
"url": "https://bugzilla.suse.com/1225585"
},
{
"category": "self",
"summary": "SUSE Bug 1225599",
"url": "https://bugzilla.suse.com/1225599"
},
{
"category": "self",
"summary": "SUSE Bug 1225602",
"url": "https://bugzilla.suse.com/1225602"
},
{
"category": "self",
"summary": "SUSE Bug 1225611",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "self",
"summary": "SUSE Bug 1225642",
"url": "https://bugzilla.suse.com/1225642"
},
{
"category": "self",
"summary": "SUSE Bug 1225681",
"url": "https://bugzilla.suse.com/1225681"
},
{
"category": "self",
"summary": "SUSE Bug 1225704",
"url": "https://bugzilla.suse.com/1225704"
},
{
"category": "self",
"summary": "SUSE Bug 1225722",
"url": "https://bugzilla.suse.com/1225722"
},
{
"category": "self",
"summary": "SUSE Bug 1225749",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "self",
"summary": "SUSE Bug 1225758",
"url": "https://bugzilla.suse.com/1225758"
},
{
"category": "self",
"summary": "SUSE Bug 1225760",
"url": "https://bugzilla.suse.com/1225760"
},
{
"category": "self",
"summary": "SUSE Bug 1225761",
"url": "https://bugzilla.suse.com/1225761"
},
{
"category": "self",
"summary": "SUSE Bug 1225767",
"url": "https://bugzilla.suse.com/1225767"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225815",
"url": "https://bugzilla.suse.com/1225815"
},
{
"category": "self",
"summary": "SUSE Bug 1225840",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "self",
"summary": "SUSE Bug 1225848",
"url": "https://bugzilla.suse.com/1225848"
},
{
"category": "self",
"summary": "SUSE Bug 1225866",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "self",
"summary": "SUSE Bug 1225872",
"url": "https://bugzilla.suse.com/1225872"
},
{
"category": "self",
"summary": "SUSE Bug 1225894",
"url": "https://bugzilla.suse.com/1225894"
},
{
"category": "self",
"summary": "SUSE Bug 1225895",
"url": "https://bugzilla.suse.com/1225895"
},
{
"category": "self",
"summary": "SUSE Bug 1225898",
"url": "https://bugzilla.suse.com/1225898"
},
{
"category": "self",
"summary": "SUSE Bug 1226211",
"url": "https://bugzilla.suse.com/1226211"
},
{
"category": "self",
"summary": "SUSE Bug 1226212",
"url": "https://bugzilla.suse.com/1226212"
},
{
"category": "self",
"summary": "SUSE Bug 1226537",
"url": "https://bugzilla.suse.com/1226537"
},
{
"category": "self",
"summary": "SUSE Bug 1226554",
"url": "https://bugzilla.suse.com/1226554"
},
{
"category": "self",
"summary": "SUSE Bug 1226557",
"url": "https://bugzilla.suse.com/1226557"
},
{
"category": "self",
"summary": "SUSE Bug 1226562",
"url": "https://bugzilla.suse.com/1226562"
},
{
"category": "self",
"summary": "SUSE Bug 1226567",
"url": "https://bugzilla.suse.com/1226567"
},
{
"category": "self",
"summary": "SUSE Bug 1226575",
"url": "https://bugzilla.suse.com/1226575"
},
{
"category": "self",
"summary": "SUSE Bug 1226577",
"url": "https://bugzilla.suse.com/1226577"
},
{
"category": "self",
"summary": "SUSE Bug 1226593",
"url": "https://bugzilla.suse.com/1226593"
},
{
"category": "self",
"summary": "SUSE Bug 1226595",
"url": "https://bugzilla.suse.com/1226595"
},
{
"category": "self",
"summary": "SUSE Bug 1226597",
"url": "https://bugzilla.suse.com/1226597"
},
{
"category": "self",
"summary": "SUSE Bug 1226610",
"url": "https://bugzilla.suse.com/1226610"
},
{
"category": "self",
"summary": "SUSE Bug 1226614",
"url": "https://bugzilla.suse.com/1226614"
},
{
"category": "self",
"summary": "SUSE Bug 1226619",
"url": "https://bugzilla.suse.com/1226619"
},
{
"category": "self",
"summary": "SUSE Bug 1226621",
"url": "https://bugzilla.suse.com/1226621"
},
{
"category": "self",
"summary": "SUSE Bug 1226634",
"url": "https://bugzilla.suse.com/1226634"
},
{
"category": "self",
"summary": "SUSE Bug 1226637",
"url": "https://bugzilla.suse.com/1226637"
},
{
"category": "self",
"summary": "SUSE Bug 1226670",
"url": "https://bugzilla.suse.com/1226670"
},
{
"category": "self",
"summary": "SUSE Bug 1226672",
"url": "https://bugzilla.suse.com/1226672"
},
{
"category": "self",
"summary": "SUSE Bug 1226692",
"url": "https://bugzilla.suse.com/1226692"
},
{
"category": "self",
"summary": "SUSE Bug 1226698",
"url": "https://bugzilla.suse.com/1226698"
},
{
"category": "self",
"summary": "SUSE Bug 1226699",
"url": "https://bugzilla.suse.com/1226699"
},
{
"category": "self",
"summary": "SUSE Bug 1226701",
"url": "https://bugzilla.suse.com/1226701"
},
{
"category": "self",
"summary": "SUSE Bug 1226705",
"url": "https://bugzilla.suse.com/1226705"
},
{
"category": "self",
"summary": "SUSE Bug 1226708",
"url": "https://bugzilla.suse.com/1226708"
},
{
"category": "self",
"summary": "SUSE Bug 1226711",
"url": "https://bugzilla.suse.com/1226711"
},
{
"category": "self",
"summary": "SUSE Bug 1226712",
"url": "https://bugzilla.suse.com/1226712"
},
{
"category": "self",
"summary": "SUSE Bug 1226716",
"url": "https://bugzilla.suse.com/1226716"
},
{
"category": "self",
"summary": "SUSE Bug 1226718",
"url": "https://bugzilla.suse.com/1226718"
},
{
"category": "self",
"summary": "SUSE Bug 1226732",
"url": "https://bugzilla.suse.com/1226732"
},
{
"category": "self",
"summary": "SUSE Bug 1226735",
"url": "https://bugzilla.suse.com/1226735"
},
{
"category": "self",
"summary": "SUSE Bug 1226744",
"url": "https://bugzilla.suse.com/1226744"
},
{
"category": "self",
"summary": "SUSE Bug 1226746",
"url": "https://bugzilla.suse.com/1226746"
},
{
"category": "self",
"summary": "SUSE Bug 1226747",
"url": "https://bugzilla.suse.com/1226747"
},
{
"category": "self",
"summary": "SUSE Bug 1226749",
"url": "https://bugzilla.suse.com/1226749"
},
{
"category": "self",
"summary": "SUSE Bug 1226754",
"url": "https://bugzilla.suse.com/1226754"
},
{
"category": "self",
"summary": "SUSE Bug 1226767",
"url": "https://bugzilla.suse.com/1226767"
},
{
"category": "self",
"summary": "SUSE Bug 1226769",
"url": "https://bugzilla.suse.com/1226769"
},
{
"category": "self",
"summary": "SUSE Bug 1226857",
"url": "https://bugzilla.suse.com/1226857"
},
{
"category": "self",
"summary": "SUSE Bug 1226876",
"url": "https://bugzilla.suse.com/1226876"
},
{
"category": "self",
"summary": "SUSE Bug 1226883",
"url": "https://bugzilla.suse.com/1226883"
},
{
"category": "self",
"summary": "SUSE Bug 1226886",
"url": "https://bugzilla.suse.com/1226886"
},
{
"category": "self",
"summary": "SUSE Bug 1226895",
"url": "https://bugzilla.suse.com/1226895"
},
{
"category": "self",
"summary": "SUSE Bug 1226948",
"url": "https://bugzilla.suse.com/1226948"
},
{
"category": "self",
"summary": "SUSE Bug 1226949",
"url": "https://bugzilla.suse.com/1226949"
},
{
"category": "self",
"summary": "SUSE Bug 1226950",
"url": "https://bugzilla.suse.com/1226950"
},
{
"category": "self",
"summary": "SUSE Bug 1226962",
"url": "https://bugzilla.suse.com/1226962"
},
{
"category": "self",
"summary": "SUSE Bug 1226976",
"url": "https://bugzilla.suse.com/1226976"
},
{
"category": "self",
"summary": "SUSE Bug 1226996",
"url": "https://bugzilla.suse.com/1226996"
},
{
"category": "self",
"summary": "SUSE Bug 1227101",
"url": "https://bugzilla.suse.com/1227101"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4439 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4439/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47103 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47191 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47193 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47267 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47270 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47293 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47294 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47297 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47309 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47309/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47328 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47354 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47372 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47372/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47379 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47379/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47407 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47418 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47434 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47445 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47518 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47544 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47566 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47571 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47576 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47587 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47589 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47600 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47603 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47617 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48711 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48722 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48732 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48733 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48740 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48743 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48754 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48756 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48758 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48759 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48760 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48761 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48771 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48772 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-24023 page",
"url": "https://www.suse.com/security/cve/CVE-2023-24023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52737 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52754 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52757 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52762 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52764 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52784 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52808 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52809 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52811 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52832 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52834 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52845 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52855 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26687 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27399 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27410 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35247 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35976 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37354 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38545 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38552 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38567 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38578 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38580 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38627 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38780/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-07-10T06:10:16Z",
"generator": {
"date": "2024-07-10T06:10:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2381-1",
"initial_release_date": "2024-07-10T06:10:16Z",
"revision_history": [
{
"date": "2024-07-10T06:10:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.191.1.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.191.1.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.191.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.191.1.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.191.1.noarch",
"product_id": "kernel-source-rt-4.12.14-10.191.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.191.1.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.191.1.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.191.1.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.191.1.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.191.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.191.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.191.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.191.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.191.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.191.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4439",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4439"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisdn: cpai: check ctr-\u003ecnr to avoid array index out of bound\n\nThe cmtp_add_connection() would add a cmtp session to a controller\nand run a kernel thread to process cmtp.\n\n\t__module_get(THIS_MODULE);\n\tsession-\u003etask = kthread_run(cmtp_session, session, \"kcmtpd_ctr_%d\",\n\t\t\t\t\t\t\t\tsession-\u003enum);\n\nDuring this process, the kernel thread would call detach_capi_ctr()\nto detach a register controller. if the controller\nwas not attached yet, detach_capi_ctr() would\ntrigger an array-index-out-bounds bug.\n\n[ 46.866069][ T6479] UBSAN: array-index-out-of-bounds in\ndrivers/isdn/capi/kcapi.c:483:21\n[ 46.867196][ T6479] index -1 is out of range for type \u0027capi_ctr *[32]\u0027\n[ 46.867982][ T6479] CPU: 1 PID: 6479 Comm: kcmtpd_ctr_0 Not tainted\n5.15.0-rc2+ #8\n[ 46.869002][ T6479] Hardware name: QEMU Standard PC (i440FX + PIIX,\n1996), BIOS 1.14.0-2 04/01/2014\n[ 46.870107][ T6479] Call Trace:\n[ 46.870473][ T6479] dump_stack_lvl+0x57/0x7d\n[ 46.870974][ T6479] ubsan_epilogue+0x5/0x40\n[ 46.871458][ T6479] __ubsan_handle_out_of_bounds.cold+0x43/0x48\n[ 46.872135][ T6479] detach_capi_ctr+0x64/0xc0\n[ 46.872639][ T6479] cmtp_session+0x5c8/0x5d0\n[ 46.873131][ T6479] ? __init_waitqueue_head+0x60/0x60\n[ 46.873712][ T6479] ? cmtp_add_msgpart+0x120/0x120\n[ 46.874256][ T6479] kthread+0x147/0x170\n[ 46.874709][ T6479] ? set_kthread_struct+0x40/0x40\n[ 46.875248][ T6479] ret_from_fork+0x1f/0x30\n[ 46.875773][ T6479]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4439",
"url": "https://www.suse.com/security/cve/CVE-2021-4439"
},
{
"category": "external",
"summary": "SUSE Bug 1226670 for CVE-2021-4439",
"url": "https://bugzilla.suse.com/1226670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-4439"
},
{
"cve": "CVE-2021-47103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: fully convert sk-\u003esk_rx_dst to RCU rules\n\nsyzbot reported various issues around early demux,\none being included in this changelog [1]\n\nsk-\u003esk_rx_dst is using RCU protection without clearly\ndocumenting it.\n\nAnd following sequences in tcp_v4_do_rcv()/tcp_v6_do_rcv()\nare not following standard RCU rules.\n\n[a] dst_release(dst);\n[b] sk-\u003esk_rx_dst = NULL;\n\nThey look wrong because a delete operation of RCU protected\npointer is supposed to clear the pointer before\nthe call_rcu()/synchronize_rcu() guarding actual memory freeing.\n\nIn some cases indeed, dst could be freed before [b] is done.\n\nWe could cheat by clearing sk_rx_dst before calling\ndst_release(), but this seems the right time to stick\nto standard RCU annotations and debugging facilities.\n\n[1]\nBUG: KASAN: use-after-free in dst_check include/net/dst.h:470 [inline]\nBUG: KASAN: use-after-free in tcp_v4_early_demux+0x95b/0x960 net/ipv4/tcp_ipv4.c:1792\nRead of size 2 at addr ffff88807f1cb73a by task syz-executor.5/9204\n\nCPU: 0 PID: 9204 Comm: syz-executor.5 Not tainted 5.16.0-rc5-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x320 mm/kasan/report.c:247\n __kasan_report mm/kasan/report.c:433 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:450\n dst_check include/net/dst.h:470 [inline]\n tcp_v4_early_demux+0x95b/0x960 net/ipv4/tcp_ipv4.c:1792\n ip_rcv_finish_core.constprop.0+0x15de/0x1e80 net/ipv4/ip_input.c:340\n ip_list_rcv_finish.constprop.0+0x1b2/0x6e0 net/ipv4/ip_input.c:583\n ip_sublist_rcv net/ipv4/ip_input.c:609 [inline]\n ip_list_rcv+0x34e/0x490 net/ipv4/ip_input.c:644\n __netif_receive_skb_list_ptype net/core/dev.c:5508 [inline]\n __netif_receive_skb_list_core+0x549/0x8e0 net/core/dev.c:5556\n __netif_receive_skb_list net/core/dev.c:5608 [inline]\n netif_receive_skb_list_internal+0x75e/0xd80 net/core/dev.c:5699\n gro_normal_list net/core/dev.c:5853 [inline]\n gro_normal_list net/core/dev.c:5849 [inline]\n napi_complete_done+0x1f1/0x880 net/core/dev.c:6590\n virtqueue_napi_complete drivers/net/virtio_net.c:339 [inline]\n virtnet_poll+0xca2/0x11b0 drivers/net/virtio_net.c:1557\n __napi_poll+0xaf/0x440 net/core/dev.c:7023\n napi_poll net/core/dev.c:7090 [inline]\n net_rx_action+0x801/0xb40 net/core/dev.c:7177\n __do_softirq+0x29b/0x9c2 kernel/softirq.c:558\n invoke_softirq kernel/softirq.c:432 [inline]\n __irq_exit_rcu+0x123/0x180 kernel/softirq.c:637\n irq_exit_rcu+0x5/0x20 kernel/softirq.c:649\n common_interrupt+0x52/0xc0 arch/x86/kernel/irq.c:240\n asm_common_interrupt+0x1e/0x40 arch/x86/include/asm/idtentry.h:629\nRIP: 0033:0x7f5e972bfd57\nCode: 39 d1 73 14 0f 1f 80 00 00 00 00 48 8b 50 f8 48 83 e8 08 48 39 ca 77 f3 48 39 c3 73 3e 48 89 13 48 8b 50 f8 48 89 38 49 8b 0e \u003c48\u003e 8b 3e 48 83 c3 08 48 83 c6 08 eb bc 48 39 d1 72 9e 48 39 d0 73\nRSP: 002b:00007fff8a413210 EFLAGS: 00000283\nRAX: 00007f5e97108990 RBX: 00007f5e97108338 RCX: ffffffff81d3aa45\nRDX: ffffffff81d3aa45 RSI: 00007f5e97108340 RDI: ffffffff81d3aa45\nRBP: 00007f5e97107eb8 R08: 00007f5e97108d88 R09: 0000000093c2e8d9\nR10: 0000000000000000 R11: 0000000000000000 R12: 00007f5e97107eb0\nR13: 00007f5e97108338 R14: 00007f5e97107ea8 R15: 0000000000000019\n \u003c/TASK\u003e\n\nAllocated by task 13:\n kasan_save_stack+0x1e/0x50 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:46 [inline]\n set_alloc_info mm/kasan/common.c:434 [inline]\n __kasan_slab_alloc+0x90/0xc0 mm/kasan/common.c:467\n kasan_slab_alloc include/linux/kasan.h:259 [inline]\n slab_post_alloc_hook mm/slab.h:519 [inline]\n slab_alloc_node mm/slub.c:3234 [inline]\n slab_alloc mm/slub.c:3242 [inline]\n kmem_cache_alloc+0x202/0x3a0 mm/slub.c:3247\n dst_alloc+0x146/0x1f0 net/core/dst.c:92\n rt_dst_alloc+0x73/0x430 net/ipv4/route.c:1613\n ip_route_input_slow+0x1817/0x3a20 net/ipv4/route.c:234\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47103",
"url": "https://www.suse.com/security/cve/CVE-2021-47103"
},
{
"category": "external",
"summary": "SUSE Bug 1221010 for CVE-2021-47103",
"url": "https://bugzilla.suse.com/1221010"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47103"
},
{
"cve": "CVE-2021-47191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47191"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_readcap16()\n\nThe following warning was observed running syzkaller:\n\n[ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in;\n[ 3813.830724] program syz-executor not setting count and/or reply_len properly\n[ 3813.836956] ==================================================================\n[ 3813.839465] BUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x157/0x1e0\n[ 3813.841773] Read of size 4096 at addr ffff8883cf80f540 by task syz-executor/1549\n[ 3813.846612] Call Trace:\n[ 3813.846995] dump_stack+0x108/0x15f\n[ 3813.847524] print_address_description+0xa5/0x372\n[ 3813.848243] kasan_report.cold+0x236/0x2a8\n[ 3813.849439] check_memory_region+0x240/0x270\n[ 3813.850094] memcpy+0x30/0x80\n[ 3813.850553] sg_copy_buffer+0x157/0x1e0\n[ 3813.853032] sg_copy_from_buffer+0x13/0x20\n[ 3813.853660] fill_from_dev_buffer+0x135/0x370\n[ 3813.854329] resp_readcap16+0x1ac/0x280\n[ 3813.856917] schedule_resp+0x41f/0x1630\n[ 3813.858203] scsi_debug_queuecommand+0xb32/0x17e0\n[ 3813.862699] scsi_dispatch_cmd+0x330/0x950\n[ 3813.863329] scsi_request_fn+0xd8e/0x1710\n[ 3813.863946] __blk_run_queue+0x10b/0x230\n[ 3813.864544] blk_execute_rq_nowait+0x1d8/0x400\n[ 3813.865220] sg_common_write.isra.0+0xe61/0x2420\n[ 3813.871637] sg_write+0x6c8/0xef0\n[ 3813.878853] __vfs_write+0xe4/0x800\n[ 3813.883487] vfs_write+0x17b/0x530\n[ 3813.884008] ksys_write+0x103/0x270\n[ 3813.886268] __x64_sys_write+0x77/0xc0\n[ 3813.886841] do_syscall_64+0x106/0x360\n[ 3813.887415] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nThis issue can be reproduced with the following syzkaller log:\n\nr0 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x26e1, 0x0)\nr1 = syz_open_procfs(0xffffffffffffffff, \u0026(0x7f0000000000)=\u0027fd/3\\x00\u0027)\nopen_by_handle_at(r1, \u0026(0x7f00000003c0)=ANY=[@ANYRESHEX], 0x602000)\nr2 = syz_open_dev$sg(\u0026(0x7f0000000000), 0x0, 0x40782)\nwrite$binfmt_aout(r2, \u0026(0x7f0000000340)=ANY=[@ANYBLOB=\"00000000deff000000000000000000000000000000000000000000000000000047f007af9e107a41ec395f1bded7be24277a1501ff6196a83366f4e6362bc0ff2b247f68a972989b094b2da4fb3607fcf611a22dd04310d28c75039d\"], 0x126)\n\nIn resp_readcap16() we get \"int alloc_len\" value -1104926854, and then pass\nthe huge arr_len to fill_from_dev_buffer(), but arr is only 32 bytes. This\nleads to OOB in sg_copy_buffer().\n\nTo solve this issue, define alloc_len as u32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47191",
"url": "https://www.suse.com/security/cve/CVE-2021-47191"
},
{
"category": "external",
"summary": "SUSE Bug 1222866 for CVE-2021-47191",
"url": "https://bugzilla.suse.com/1222866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47191"
},
{
"cve": "CVE-2021-47193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47193"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Fix memory leak during rmmod\n\nDriver failed to release all memory allocated. This would lead to memory\nleak during driver removal.\n\nProperly free memory when the module is removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47193",
"url": "https://www.suse.com/security/cve/CVE-2021-47193"
},
{
"category": "external",
"summary": "SUSE Bug 1222879 for CVE-2021-47193",
"url": "https://bugzilla.suse.com/1222879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47193"
},
{
"cve": "CVE-2021-47267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadget panics on 10gbps cabling\n\nusb_assign_descriptors() is called with 5 parameters,\nthe last 4 of which are the usb_descriptor_header for:\n full-speed (USB1.1 - 12Mbps [including USB1.0 low-speed @ 1.5Mbps),\n high-speed (USB2.0 - 480Mbps),\n super-speed (USB3.0 - 5Gbps),\n super-speed-plus (USB3.1 - 10Gbps).\n\nThe differences between full/high/super-speed descriptors are usually\nsubstantial (due to changes in the maximum usb block size from 64 to 512\nto 1024 bytes and other differences in the specs), while the difference\nbetween 5 and 10Gbps descriptors may be as little as nothing\n(in many cases the same tuning is simply good enough).\n\nHowever if a gadget driver calls usb_assign_descriptors() with\na NULL descriptor for super-speed-plus and is then used on a max 10gbps\nconfiguration, the kernel will crash with a null pointer dereference,\nwhen a 10gbps capable device port + cable + host port combination shows up.\n(This wouldn\u0027t happen if the gadget max-speed was set to 5gbps, but\nit of course defaults to the maximum, and there\u0027s no real reason to\nartificially limit it)\n\nThe fix is to simply use the 5gbps descriptor as the 10gbps descriptor,\nif a 10gbps descriptor wasn\u0027t provided.\n\nObviously this won\u0027t fix the problem if the 5gbps descriptor is also\nNULL, but such cases can\u0027t be so trivially solved (and any such gadgets\nare unlikely to be used with USB3 ports any way).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47267",
"url": "https://www.suse.com/security/cve/CVE-2021-47267"
},
{
"category": "external",
"summary": "SUSE Bug 1224993 for CVE-2021-47267",
"url": "https://bugzilla.suse.com/1224993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47267"
},
{
"cve": "CVE-2021-47270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47270"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadgets null ptr deref on 10gbps cabling.\n\nThis avoids a null pointer dereference in\nf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}\nby simply reusing the 5gbps config for 10gbps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47270",
"url": "https://www.suse.com/security/cve/CVE-2021-47270"
},
{
"category": "external",
"summary": "SUSE Bug 1224997 for CVE-2021-47270",
"url": "https://bugzilla.suse.com/1224997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47270"
},
{
"cve": "CVE-2021-47293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47293"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: Skip non-Ethernet packets\n\nCurrently tcf_skbmod_act() assumes that packets use Ethernet as their L2\nprotocol, which is not always the case. As an example, for CAN devices:\n\n\t$ ip link add dev vcan0 type vcan\n\t$ ip link set up vcan0\n\t$ tc qdisc add dev vcan0 root handle 1: htb\n\t$ tc filter add dev vcan0 parent 1: protocol ip prio 10 \\\n\t\tmatchall action skbmod swap mac\n\nDoing the above silently corrupts all the packets. Do not perform skbmod\nactions for non-Ethernet packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47293",
"url": "https://www.suse.com/security/cve/CVE-2021-47293"
},
{
"category": "external",
"summary": "SUSE Bug 1224978 for CVE-2021-47293",
"url": "https://bugzilla.suse.com/1224978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47293"
},
{
"cve": "CVE-2021-47294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Decrease sock refcount when sock timers expire\n\nCommit 63346650c1a9 (\"netrom: switch to sock timer API\") switched to use\nsock timer API. It replaces mod_timer() by sk_reset_timer(), and\ndel_timer() by sk_stop_timer().\n\nFunction sk_reset_timer() will increase the refcount of sock if it is\ncalled on an inactive timer, hence, in case the timer expires, we need to\ndecrease the refcount ourselves in the handler, otherwise, the sock\nrefcount will be unbalanced and the sock will never be freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47294",
"url": "https://www.suse.com/security/cve/CVE-2021-47294"
},
{
"category": "external",
"summary": "SUSE Bug 1224977 for CVE-2021-47294",
"url": "https://bugzilla.suse.com/1224977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47294"
},
{
"cve": "CVE-2021-47297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47297"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix uninit-value in caif_seqpkt_sendmsg\n\nWhen nr_segs equal to zero in iovec_from_user, the object\nmsg-\u003emsg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg\nwhich is defined in ___sys_sendmsg. So we cann\u0027t just judge\nmsg-\u003emsg_iter.iov-\u003ebase directlly. We can use nr_segs to judge\nmsg in caif_seqpkt_sendmsg whether has data buffers.\n\n=====================================================\nBUG: KMSAN: uninit-value in caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1c9/0x220 lib/dump_stack.c:118\n kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118\n __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215\n caif_seqpkt_sendmsg+0x693/0xf60 net/caif/caif_socket.c:542\n sock_sendmsg_nosec net/socket.c:652 [inline]\n sock_sendmsg net/socket.c:672 [inline]\n ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343\n ___sys_sendmsg net/socket.c:2397 [inline]\n __sys_sendmmsg+0x808/0xc90 net/socket.c:2480\n __compat_sys_sendmmsg net/compat.c:656 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47297",
"url": "https://www.suse.com/security/cve/CVE-2021-47297"
},
{
"category": "external",
"summary": "SUSE Bug 1224976 for CVE-2021-47297",
"url": "https://bugzilla.suse.com/1224976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47297"
},
{
"cve": "CVE-2021-47309",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47309"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: validate lwtstate-\u003edata before returning from skb_tunnel_info()\n\nskb_tunnel_info() returns pointer of lwtstate-\u003edata as ip_tunnel_info\ntype without validation. lwtstate-\u003edata can have various types such as\nmpls_iptunnel_encap, etc and these are not compatible.\nSo skb_tunnel_info() should validate before returning that pointer.\n\nSplat looks like:\nBUG: KASAN: slab-out-of-bounds in vxlan_get_route+0x418/0x4b0 [vxlan]\nRead of size 2 at addr ffff888106ec2698 by task ping/811\n\nCPU: 1 PID: 811 Comm: ping Not tainted 5.13.0+ #1195\nCall Trace:\n dump_stack_lvl+0x56/0x7b\n print_address_description.constprop.8.cold.13+0x13/0x2ee\n ? vxlan_get_route+0x418/0x4b0 [vxlan]\n ? vxlan_get_route+0x418/0x4b0 [vxlan]\n kasan_report.cold.14+0x83/0xdf\n ? vxlan_get_route+0x418/0x4b0 [vxlan]\n vxlan_get_route+0x418/0x4b0 [vxlan]\n [ ... ]\n vxlan_xmit_one+0x148b/0x32b0 [vxlan]\n [ ... ]\n vxlan_xmit+0x25c5/0x4780 [vxlan]\n [ ... ]\n dev_hard_start_xmit+0x1ae/0x6e0\n __dev_queue_xmit+0x1f39/0x31a0\n [ ... ]\n neigh_xmit+0x2f9/0x940\n mpls_xmit+0x911/0x1600 [mpls_iptunnel]\n lwtunnel_xmit+0x18f/0x450\n ip_finish_output2+0x867/0x2040\n [ ... ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47309",
"url": "https://www.suse.com/security/cve/CVE-2021-47309"
},
{
"category": "external",
"summary": "SUSE Bug 1224967 for CVE-2021-47309",
"url": "https://bugzilla.suse.com/1224967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47309"
},
{
"cve": "CVE-2021-47328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix conn use after free during resets\n\nIf we haven\u0027t done a unbind target call we can race where\niscsi_conn_teardown wakes up the EH thread and then frees the conn while\nthose threads are still accessing the conn ehwait.\n\nWe can only do one TMF per session so this just moves the TMF fields from\nthe conn to the session. We can then rely on the\niscsi_session_teardown-\u003eiscsi_remove_session-\u003e__iscsi_unbind_session call\nto remove the target and it\u0027s devices, and know after that point there is\nno device or scsi-ml callout trying to access the session.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47328",
"url": "https://www.suse.com/security/cve/CVE-2021-47328"
},
{
"category": "external",
"summary": "SUSE Bug 1225047 for CVE-2021-47328",
"url": "https://bugzilla.suse.com/1225047"
},
{
"category": "external",
"summary": "SUSE Bug 1225080 for CVE-2021-47328",
"url": "https://bugzilla.suse.com/1225080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47328"
},
{
"cve": "CVE-2021-47354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Avoid data corruptions\n\nWait for all dependencies of a job to complete before\nkilling it to avoid data corruptions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47354",
"url": "https://www.suse.com/security/cve/CVE-2021-47354"
},
{
"category": "external",
"summary": "SUSE Bug 1225140 for CVE-2021-47354",
"url": "https://bugzilla.suse.com/1225140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47354"
},
{
"cve": "CVE-2021-47372",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47372"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use after free on rmmod\n\nplat_dev-\u003edev-\u003eplatform_data is released by platform_device_unregister(),\nuse of pclk and hclk is a use-after-free. Since device unregister won\u0027t\nneed a clk device we adjust the function call sequence to fix this issue.\n\n[ 31.261225] BUG: KASAN: use-after-free in macb_remove+0x77/0xc6 [macb_pci]\n[ 31.275563] Freed by task 306:\n[ 30.276782] platform_device_release+0x25/0x80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47372",
"url": "https://www.suse.com/security/cve/CVE-2021-47372"
},
{
"category": "external",
"summary": "SUSE Bug 1225184 for CVE-2021-47372",
"url": "https://bugzilla.suse.com/1225184"
},
{
"category": "external",
"summary": "SUSE Bug 1229946 for CVE-2021-47372",
"url": "https://bugzilla.suse.com/1229946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2021-47372"
},
{
"cve": "CVE-2021-47379",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47379"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd\n\nKASAN reports a use-after-free report when doing fuzz test:\n\n[693354.104835] ==================================================================\n[693354.105094] BUG: KASAN: use-after-free in bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105336] Read of size 4 at addr ffff888be0a35664 by task sh/1453338\n\n[693354.105607] CPU: 41 PID: 1453338 Comm: sh Kdump: loaded Not tainted 4.18.0-147\n[693354.105610] Hardware name: Huawei 2288H V5/BC11SPSCB0, BIOS 0.81 07/02/2018\n[693354.105612] Call Trace:\n[693354.105621] dump_stack+0xf1/0x19b\n[693354.105626] ? show_regs_print_info+0x5/0x5\n[693354.105634] ? printk+0x9c/0xc3\n[693354.105638] ? cpumask_weight+0x1f/0x1f\n[693354.105648] print_address_description+0x70/0x360\n[693354.105654] kasan_report+0x1b2/0x330\n[693354.105659] ? bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105665] ? bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105670] bfq_io_set_weight_legacy+0xd3/0x160\n[693354.105675] ? bfq_cpd_init+0x20/0x20\n[693354.105683] cgroup_file_write+0x3aa/0x510\n[693354.105693] ? ___slab_alloc+0x507/0x540\n[693354.105698] ? cgroup_file_poll+0x60/0x60\n[693354.105702] ? 0xffffffff89600000\n[693354.105708] ? usercopy_abort+0x90/0x90\n[693354.105716] ? mutex_lock+0xef/0x180\n[693354.105726] kernfs_fop_write+0x1ab/0x280\n[693354.105732] ? cgroup_file_poll+0x60/0x60\n[693354.105738] vfs_write+0xe7/0x230\n[693354.105744] ksys_write+0xb0/0x140\n[693354.105749] ? __ia32_sys_read+0x50/0x50\n[693354.105760] do_syscall_64+0x112/0x370\n[693354.105766] ? syscall_return_slowpath+0x260/0x260\n[693354.105772] ? do_page_fault+0x9b/0x270\n[693354.105779] ? prepare_exit_to_usermode+0xf9/0x1a0\n[693354.105784] ? enter_from_user_mode+0x30/0x30\n[693354.105793] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.105875] Allocated by task 1453337:\n[693354.106001] kasan_kmalloc+0xa0/0xd0\n[693354.106006] kmem_cache_alloc_node_trace+0x108/0x220\n[693354.106010] bfq_pd_alloc+0x96/0x120\n[693354.106015] blkcg_activate_policy+0x1b7/0x2b0\n[693354.106020] bfq_create_group_hierarchy+0x1e/0x80\n[693354.106026] bfq_init_queue+0x678/0x8c0\n[693354.106031] blk_mq_init_sched+0x1f8/0x460\n[693354.106037] elevator_switch_mq+0xe1/0x240\n[693354.106041] elevator_switch+0x25/0x40\n[693354.106045] elv_iosched_store+0x1a1/0x230\n[693354.106049] queue_attr_store+0x78/0xb0\n[693354.106053] kernfs_fop_write+0x1ab/0x280\n[693354.106056] vfs_write+0xe7/0x230\n[693354.106060] ksys_write+0xb0/0x140\n[693354.106064] do_syscall_64+0x112/0x370\n[693354.106069] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.106114] Freed by task 1453336:\n[693354.106225] __kasan_slab_free+0x130/0x180\n[693354.106229] kfree+0x90/0x1b0\n[693354.106233] blkcg_deactivate_policy+0x12c/0x220\n[693354.106238] bfq_exit_queue+0xf5/0x110\n[693354.106241] blk_mq_exit_sched+0x104/0x130\n[693354.106245] __elevator_exit+0x45/0x60\n[693354.106249] elevator_switch_mq+0xd6/0x240\n[693354.106253] elevator_switch+0x25/0x40\n[693354.106257] elv_iosched_store+0x1a1/0x230\n[693354.106261] queue_attr_store+0x78/0xb0\n[693354.106264] kernfs_fop_write+0x1ab/0x280\n[693354.106268] vfs_write+0xe7/0x230\n[693354.106271] ksys_write+0xb0/0x140\n[693354.106275] do_syscall_64+0x112/0x370\n[693354.106280] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\n[693354.106329] The buggy address belongs to the object at ffff888be0a35580\n which belongs to the cache kmalloc-1k of size 1024\n[693354.106736] The buggy address is located 228 bytes inside of\n 1024-byte region [ffff888be0a35580, ffff888be0a35980)\n[693354.107114] The buggy address belongs to the page:\n[693354.107273] page:ffffea002f828c00 count:1 mapcount:0 mapping:ffff888107c17080 index:0x0 compound_mapcount: 0\n[693354.107606] flags: 0x17ffffc0008100(slab|head)\n[693354.107760] raw: 0017ffffc0008100 ffffea002fcbc808 ffffea0030bd3a08 ffff888107c17080\n[693354.108020] r\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47379",
"url": "https://www.suse.com/security/cve/CVE-2021-47379"
},
{
"category": "external",
"summary": "SUSE Bug 1225203 for CVE-2021-47379",
"url": "https://bugzilla.suse.com/1225203"
},
{
"category": "external",
"summary": "SUSE Bug 1225204 for CVE-2021-47379",
"url": "https://bugzilla.suse.com/1225204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47379"
},
{
"cve": "CVE-2021-47407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Handle SRCU initialization failure during page track init\n\nCheck the return of init_srcu_struct(), which can fail due to OOM, when\ninitializing the page track mechanism. Lack of checking leads to a NULL\npointer deref found by a modified syzkaller.\n\n[Move the call towards the beginning of kvm_arch_init_vm. - Paolo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47407",
"url": "https://www.suse.com/security/cve/CVE-2021-47407"
},
{
"category": "external",
"summary": "SUSE Bug 1225306 for CVE-2021-47407",
"url": "https://bugzilla.suse.com/1225306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47407"
},
{
"cve": "CVE-2021-47418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: fix NULL deref in fifo_set_limit()\n\nsyzbot reported another NULL deref in fifo_set_limit() [1]\n\nI could repro the issue with :\n\nunshare -n\ntc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbit\ntc qd replace dev lo parent 1:0 pfifo_fast\ntc qd change dev lo root handle 1:0 tbf limit 300000 burst 70000 rate 100Mbit\n\npfifo_fast does not have a change() operation.\nMake fifo_set_limit() more robust about this.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 1cf99067 P4D 1cf99067 PUD 7ca49067 PMD 0\nOops: 0010 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 14443 Comm: syz-executor959 Not tainted 5.15.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\nRSP: 0018:ffffc9000e2f7310 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffffffff8d6ecc00 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff888024c27910 RDI: ffff888071e34000\nRBP: ffff888071e34000 R08: 0000000000000001 R09: ffffffff8fcfb947\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888024c27910\nR13: ffff888071e34018 R14: 0000000000000000 R15: ffff88801ef74800\nFS: 00007f321d897700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 00000000722c3000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n fifo_set_limit net/sched/sch_fifo.c:242 [inline]\n fifo_set_limit+0x198/0x210 net/sched/sch_fifo.c:227\n tbf_change+0x6ec/0x16d0 net/sched/sch_tbf.c:418\n qdisc_change net/sched/sch_api.c:1332 [inline]\n tc_modify_qdisc+0xd9a/0x1a60 net/sched/sch_api.c:1634\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5572\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504\n netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340\n netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47418",
"url": "https://www.suse.com/security/cve/CVE-2021-47418"
},
{
"category": "external",
"summary": "SUSE Bug 1225337 for CVE-2021-47418",
"url": "https://bugzilla.suse.com/1225337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47418"
},
{
"cve": "CVE-2021-47434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix command ring pointer corruption while aborting a command\n\nThe command ring pointer is located at [6:63] bits of the command\nring control register (CRCR). All the control bits like command stop,\nabort are located at [0:3] bits. While aborting a command, we read the\nCRCR and set the abort bit and write to the CRCR. The read will always\ngive command ring pointer as all zeros. So we essentially write only\nthe control bits. Since we split the 64 bit write into two 32 bit writes,\nthere is a possibility of xHC command ring stopped before the upper\ndword (all zeros) is written. If that happens, xHC updates the upper\ndword of its internal command ring pointer with all zeros. Next time,\nwhen the command ring is restarted, we see xHC memory access failures.\nFix this issue by only writing to the lower dword of CRCR where all\ncontrol bits are located.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47434",
"url": "https://www.suse.com/security/cve/CVE-2021-47434"
},
{
"category": "external",
"summary": "SUSE Bug 1225232 for CVE-2021-47434",
"url": "https://bugzilla.suse.com/1225232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47434"
},
{
"cve": "CVE-2021-47445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Fix null pointer dereference on pointer edp\n\nThe initialization of pointer dev dereferences pointer edp before\nedp is null checked, so there is a potential null pointer deference\nissue. Fix this by only dereferencing edp after edp has been null\nchecked.\n\nAddresses-Coverity: (\"Dereference before null check\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47445",
"url": "https://www.suse.com/security/cve/CVE-2021-47445"
},
{
"category": "external",
"summary": "SUSE Bug 1225261 for CVE-2021-47445",
"url": "https://bugzilla.suse.com/1225261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47445"
},
{
"cve": "CVE-2021-47518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done\n\nThe done() netlink callback nfc_genl_dump_ses_done() should check if\nreceived argument is non-NULL, because its allocation could fail earlier\nin dumpit() (nfc_genl_dump_ses()).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47518",
"url": "https://www.suse.com/security/cve/CVE-2021-47518"
},
{
"category": "external",
"summary": "SUSE Bug 1225372 for CVE-2021-47518",
"url": "https://bugzilla.suse.com/1225372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47518"
},
{
"cve": "CVE-2021-47544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix page frag corruption on page fault\n\nSteffen reported a TCP stream corruption for HTTP requests\nserved by the apache web-server using a cifs mount-point\nand memory mapping the relevant file.\n\nThe root cause is quite similar to the one addressed by\ncommit 20eb4f29b602 (\"net: fix sk_page_frag() recursion from\nmemory reclaim\"). Here the nested access to the task page frag\nis caused by a page fault on the (mmapped) user-space memory\nbuffer coming from the cifs file.\n\nThe page fault handler performs an smb transaction on a different\nsocket, inside the same process context. Since sk-\u003esk_allaction\nfor such socket does not prevent the usage for the task_frag,\nthe nested allocation modify \"under the hood\" the page frag\nin use by the outer sendmsg call, corrupting the stream.\n\nThe overall relevant stack trace looks like the following:\n\nhttpd 78268 [001] 3461630.850950: probe:tcp_sendmsg_locked:\n ffffffff91461d91 tcp_sendmsg_locked+0x1\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139814e sock_sendmsg+0x3e\n ffffffffc06dfe1d smb_send_kvec+0x28\n [...]\n ffffffffc06cfaf8 cifs_readpages+0x213\n ffffffff90e83c4b read_pages+0x6b\n ffffffff90e83f31 __do_page_cache_readahead+0x1c1\n ffffffff90e79e98 filemap_fault+0x788\n ffffffff90eb0458 __do_fault+0x38\n ffffffff90eb5280 do_fault+0x1a0\n ffffffff90eb7c84 __handle_mm_fault+0x4d4\n ffffffff90eb8093 handle_mm_fault+0xc3\n ffffffff90c74f6d __do_page_fault+0x1ed\n ffffffff90c75277 do_page_fault+0x37\n ffffffff9160111e page_fault+0x1e\n ffffffff9109e7b5 copyin+0x25\n ffffffff9109eb40 _copy_from_iter_full+0xe0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462370 tcp_sendmsg_locked+0x5e0\n ffffffff91462b57 tcp_sendmsg+0x27\n ffffffff9139815c sock_sendmsg+0x4c\n ffffffff913981f7 sock_write_iter+0x97\n ffffffff90f2cc56 do_iter_readv_writev+0x156\n ffffffff90f2dff0 do_iter_write+0x80\n ffffffff90f2e1c3 vfs_writev+0xa3\n ffffffff90f2e27c do_writev+0x5c\n ffffffff90c042bb do_syscall_64+0x5b\n ffffffff916000ad entry_SYSCALL_64_after_hwframe+0x65\n\nThe cifs filesystem rightfully sets sk_allocations to GFP_NOFS,\nwe can avoid the nesting using the sk page frag for allocation\nlacking the __GFP_FS flag. Do not define an additional mm-helper\nfor that, as this is strictly tied to the sk page frag usage.\n\nv1 -\u003e v2:\n - use a stricted sk_page_frag() check instead of reordering the\n code (Eric)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47544",
"url": "https://www.suse.com/security/cve/CVE-2021-47544"
},
{
"category": "external",
"summary": "SUSE Bug 1225463 for CVE-2021-47544",
"url": "https://bugzilla.suse.com/1225463"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47544"
},
{
"cve": "CVE-2021-47566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc/vmcore: fix clearing user buffer by properly using clear_user()\n\nTo clear a user buffer we cannot simply use memset, we have to use\nclear_user(). With a virtio-mem device that registers a vmcore_cb and\nhas some logically unplugged memory inside an added Linux memory block,\nI can easily trigger a BUG by copying the vmcore via \"cp\":\n\n systemd[1]: Starting Kdump Vmcore Save Service...\n kdump[420]: Kdump is using the default log level(3).\n kdump[453]: saving to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[458]: saving vmcore-dmesg.txt to /sysroot/var/crash/127.0.0.1-2021-11-11-14:59:22/\n kdump[465]: saving vmcore-dmesg.txt complete\n kdump[467]: saving vmcore\n BUG: unable to handle page fault for address: 00007f2374e01000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0003) - permissions violation\n PGD 7a523067 P4D 7a523067 PUD 7a528067 PMD 7a525067 PTE 800000007048f867\n Oops: 0003 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 468 Comm: cp Not tainted 5.15.0+ #6\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.14.0-27-g64f37cc530f1-prebuilt.qemu.org 04/01/2014\n RIP: 0010:read_from_oldmem.part.0.cold+0x1d/0x86\n Code: ff ff ff e8 05 ff fe ff e9 b9 e9 7f ff 48 89 de 48 c7 c7 38 3b 60 82 e8 f1 fe fe ff 83 fd 08 72 3c 49 8d 7d 08 4c 89 e9 89 e8 \u003c49\u003e c7 45 00 00 00 00 00 49 c7 44 05 f8 00 00 00 00 48 83 e7 f81\n RSP: 0018:ffffc9000073be08 EFLAGS: 00010212\n RAX: 0000000000001000 RBX: 00000000002fd000 RCX: 00007f2374e01000\n RDX: 0000000000000001 RSI: 00000000ffffdfff RDI: 00007f2374e01008\n RBP: 0000000000001000 R08: 0000000000000000 R09: ffffc9000073bc50\n R10: ffffc9000073bc48 R11: ffffffff829461a8 R12: 000000000000f000\n R13: 00007f2374e01000 R14: 0000000000000000 R15: ffff88807bd421e8\n FS: 00007f2374e12140(0000) GS:ffff88807f000000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2374e01000 CR3: 000000007a4aa000 CR4: 0000000000350eb0\n Call Trace:\n read_vmcore+0x236/0x2c0\n proc_reg_read+0x55/0xa0\n vfs_read+0x95/0x190\n ksys_read+0x4f/0xc0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nSome x86-64 CPUs have a CPU feature called \"Supervisor Mode Access\nPrevention (SMAP)\", which is used to detect wrong access from the kernel\nto user buffers like this: SMAP triggers a permissions violation on\nwrong access. In the x86-64 variant of clear_user(), SMAP is properly\nhandled via clac()+stac().\n\nTo fix, properly use clear_user() when we\u0027re dealing with a user buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47566",
"url": "https://www.suse.com/security/cve/CVE-2021-47566"
},
{
"category": "external",
"summary": "SUSE Bug 1225514 for CVE-2021-47566",
"url": "https://bugzilla.suse.com/1225514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47566"
},
{
"cve": "CVE-2021-47571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()\n\nThe free_rtllib() function frees the \"dev\" pointer so there is use\nafter free on the next line. Re-arrange things to avoid that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47571",
"url": "https://www.suse.com/security/cve/CVE-2021-47571"
},
{
"category": "external",
"summary": "SUSE Bug 1225518 for CVE-2021-47571",
"url": "https://bugzilla.suse.com/1225518"
},
{
"category": "external",
"summary": "SUSE Bug 1227551 for CVE-2021-47571",
"url": "https://bugzilla.suse.com/1227551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2021-47571"
},
{
"cve": "CVE-2021-47576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()\n\nIn resp_mode_select() sanity check the block descriptor len to avoid UAF.\n\nBUG: KASAN: use-after-free in resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\nRead of size 1 at addr ffff888026670f50 by task scsicmd/15032\n\nCPU: 1 PID: 15032 Comm: scsicmd Not tainted 5.15.0-01d0625 #15\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x89/0xb5 lib/dump_stack.c:107\n print_address_description.constprop.9+0x28/0x160 mm/kasan/report.c:257\n kasan_report.cold.14+0x7d/0x117 mm/kasan/report.c:443\n __asan_report_load1_noabort+0x14/0x20 mm/kasan/report_generic.c:306\n resp_mode_select+0xa4c/0xb40 drivers/scsi/scsi_debug.c:2509\n schedule_resp+0x4af/0x1a10 drivers/scsi/scsi_debug.c:5483\n scsi_debug_queuecommand+0x8c9/0x1e70 drivers/scsi/scsi_debug.c:7537\n scsi_queue_rq+0x16b4/0x2d10 drivers/scsi/scsi_lib.c:1521\n blk_mq_dispatch_rq_list+0xb9b/0x2700 block/blk-mq.c:1640\n __blk_mq_sched_dispatch_requests+0x28f/0x590 block/blk-mq-sched.c:325\n blk_mq_sched_dispatch_requests+0x105/0x190 block/blk-mq-sched.c:358\n __blk_mq_run_hw_queue+0xe5/0x150 block/blk-mq.c:1762\n __blk_mq_delay_run_hw_queue+0x4f8/0x5c0 block/blk-mq.c:1839\n blk_mq_run_hw_queue+0x18d/0x350 block/blk-mq.c:1891\n blk_mq_sched_insert_request+0x3db/0x4e0 block/blk-mq-sched.c:474\n blk_execute_rq_nowait+0x16b/0x1c0 block/blk-exec.c:63\n sg_common_write.isra.18+0xeb3/0x2000 drivers/scsi/sg.c:837\n sg_new_write.isra.19+0x570/0x8c0 drivers/scsi/sg.c:775\n sg_ioctl_common+0x14d6/0x2710 drivers/scsi/sg.c:941\n sg_ioctl+0xa2/0x180 drivers/scsi/sg.c:1166\n __x64_sys_ioctl+0x19d/0x220 fs/ioctl.c:52\n do_syscall_64+0x3a/0x80 arch/x86/entry/common.c:50\n entry_SYSCALL_64_after_hwframe+0x44/0xae arch/x86/entry/entry_64.S:113",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47576",
"url": "https://www.suse.com/security/cve/CVE-2021-47576"
},
{
"category": "external",
"summary": "SUSE Bug 1226537 for CVE-2021-47576",
"url": "https://bugzilla.suse.com/1226537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "low"
}
],
"title": "CVE-2021-47576"
},
{
"cve": "CVE-2021-47587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: Add global locking for descriptor lifecycle\n\nThe descriptor list is a shared resource across all of the transmit queues, and\nthe locking mechanism used today only protects concurrency across a given\ntransmit queue between the transmit and reclaiming. This creates an opportunity\nfor the SYSTEMPORT hardware to work on corrupted descriptors if we have\nmultiple producers at once which is the case when using multiple transmit\nqueues.\n\nThis was particularly noticeable when using multiple flows/transmit queues and\nit showed up in interesting ways in that UDP packets would get a correct UDP\nheader checksum being calculated over an incorrect packet length. Similarly TCP\npackets would get an equally correct checksum computed by the hardware over an\nincorrect packet length.\n\nThe SYSTEMPORT hardware maintains an internal descriptor list that it re-arranges\nwhen the driver produces a new descriptor anytime it writes to the\nWRITE_PORT_{HI,LO} registers, there is however some delay in the hardware to\nre-organize its descriptors and it is possible that concurrent TX queues\neventually break this internal allocation scheme to the point where the\nlength/status part of the descriptor gets used for an incorrect data buffer.\n\nThe fix is to impose a global serialization for all TX queues in the short\nsection where we are writing to the WRITE_PORT_{HI,LO} registers which solves\nthe corruption even with multiple concurrent TX queues being used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47587",
"url": "https://www.suse.com/security/cve/CVE-2021-47587"
},
{
"category": "external",
"summary": "SUSE Bug 1226567 for CVE-2021-47587",
"url": "https://bugzilla.suse.com/1226567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47587"
},
{
"cve": "CVE-2021-47589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47589"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigbvf: fix double free in `igbvf_probe`\n\nIn `igbvf_probe`, if register_netdev() fails, the program will go to\nlabel err_hw_init, and then to label err_ioremap. In free_netdev() which\nis just below label err_ioremap, there is `list_for_each_entry_safe` and\n`netif_napi_del` which aims to delete all entries in `dev-\u003enapi_list`.\nThe program has added an entry `adapter-\u003erx_ring-\u003enapi` which is added by\n`netif_napi_add` in igbvf_alloc_queues(). However, adapter-\u003erx_ring has\nbeen freed below label err_hw_init. So this a UAF.\n\nIn terms of how to patch the problem, we can refer to igbvf_remove() and\ndelete the entry before `adapter-\u003erx_ring`.\n\nThe KASAN logs are as follows:\n\n[ 35.126075] BUG: KASAN: use-after-free in free_netdev+0x1fd/0x450\n[ 35.127170] Read of size 8 at addr ffff88810126d990 by task modprobe/366\n[ 35.128360]\n[ 35.128643] CPU: 1 PID: 366 Comm: modprobe Not tainted 5.15.0-rc2+ #14\n[ 35.129789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014\n[ 35.131749] Call Trace:\n[ 35.132199] dump_stack_lvl+0x59/0x7b\n[ 35.132865] print_address_description+0x7c/0x3b0\n[ 35.133707] ? free_netdev+0x1fd/0x450\n[ 35.134378] __kasan_report+0x160/0x1c0\n[ 35.135063] ? free_netdev+0x1fd/0x450\n[ 35.135738] kasan_report+0x4b/0x70\n[ 35.136367] free_netdev+0x1fd/0x450\n[ 35.137006] igbvf_probe+0x121d/0x1a10 [igbvf]\n[ 35.137808] ? igbvf_vlan_rx_add_vid+0x100/0x100 [igbvf]\n[ 35.138751] local_pci_probe+0x13c/0x1f0\n[ 35.139461] pci_device_probe+0x37e/0x6c0\n[ 35.165526]\n[ 35.165806] Allocated by task 366:\n[ 35.166414] ____kasan_kmalloc+0xc4/0xf0\n[ 35.167117] foo_kmem_cache_alloc_trace+0x3c/0x50 [igbvf]\n[ 35.168078] igbvf_probe+0x9c5/0x1a10 [igbvf]\n[ 35.168866] local_pci_probe+0x13c/0x1f0\n[ 35.169565] pci_device_probe+0x37e/0x6c0\n[ 35.179713]\n[ 35.179993] Freed by task 366:\n[ 35.180539] kasan_set_track+0x4c/0x80\n[ 35.181211] kasan_set_free_info+0x1f/0x40\n[ 35.181942] ____kasan_slab_free+0x103/0x140\n[ 35.182703] kfree+0xe3/0x250\n[ 35.183239] igbvf_probe+0x1173/0x1a10 [igbvf]\n[ 35.184040] local_pci_probe+0x13c/0x1f0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47589",
"url": "https://www.suse.com/security/cve/CVE-2021-47589"
},
{
"category": "external",
"summary": "SUSE Bug 1226557 for CVE-2021-47589",
"url": "https://bugzilla.suse.com/1226557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47589"
},
{
"cve": "CVE-2021-47600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm btree remove: fix use after free in rebalance_children()\n\nMove dm_tm_unlock() after dm_tm_dec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47600",
"url": "https://www.suse.com/security/cve/CVE-2021-47600"
},
{
"category": "external",
"summary": "SUSE Bug 1226575 for CVE-2021-47600",
"url": "https://bugzilla.suse.com/1226575"
},
{
"category": "external",
"summary": "SUSE Bug 1227472 for CVE-2021-47600",
"url": "https://bugzilla.suse.com/1227472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2021-47600"
},
{
"cve": "CVE-2021-47602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: track only QoS data frames for admission control\n\nFor admission control, obviously all of that only works for\nQoS data frames, otherwise we cannot even access the QoS\nfield in the header.\n\nSyzbot reported (see below) an uninitialized value here due\nto a status of a non-QoS nullfunc packet, which isn\u0027t even\nlong enough to contain the QoS header.\n\nFix this to only do anything for QoS data packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47602",
"url": "https://www.suse.com/security/cve/CVE-2021-47602"
},
{
"category": "external",
"summary": "SUSE Bug 1226554 for CVE-2021-47602",
"url": "https://bugzilla.suse.com/1226554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47602"
},
{
"cve": "CVE-2021-47603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: improve robustness of the audit queue handling\n\nIf the audit daemon were ever to get stuck in a stopped state the\nkernel\u0027s kauditd_thread() could get blocked attempting to send audit\nrecords to the userspace audit daemon. With the kernel thread\nblocked it is possible that the audit queue could grow unbounded as\ncertain audit record generating events must be exempt from the queue\nlimits else the system enter a deadlock state.\n\nThis patch resolves this problem by lowering the kernel thread\u0027s\nsocket sending timeout from MAX_SCHEDULE_TIMEOUT to HZ/10 and tweaks\nthe kauditd_send_queue() function to better manage the various audit\nqueues when connection problems occur between the kernel and the\naudit daemon. With this patch, the backlog may temporarily grow\nbeyond the defined limits when the audit daemon is stopped and the\nsystem is under heavy audit pressure, but kauditd_thread() will\ncontinue to make progress and drain the queues as it would for other\nconnection problems. For example, with the audit daemon put into a\nstopped state and the system configured to audit every syscall it\nwas still possible to shutdown the system without a kernel panic,\ndeadlock, etc.; granted, the system was slow to shutdown but that is\nto be expected given the extreme pressure of recording every syscall.\n\nThe timeout value of HZ/10 was chosen primarily through\nexperimentation and this developer\u0027s \"gut feeling\". There is likely\nno one perfect value, but as this scenario is limited in scope (root\nprivileges would be needed to send SIGSTOP to the audit daemon), it\nis likely not worth exposing this as a tunable at present. This can\nalways be done at a later date if it proves necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47603",
"url": "https://www.suse.com/security/cve/CVE-2021-47603"
},
{
"category": "external",
"summary": "SUSE Bug 1226577 for CVE-2021-47603",
"url": "https://bugzilla.suse.com/1226577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47603"
},
{
"cve": "CVE-2021-47609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47609"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Fix string overflow in SCPI genpd driver\n\nWithout the bound checks for scpi_pd-\u003ename, it could result in the buffer\noverflow when copying the SCPI device name from the corresponding device\ntree node as the name string is set at maximum size of 30.\n\nLet us fix it by using devm_kasprintf so that the string buffer is\nallocated dynamically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47609",
"url": "https://www.suse.com/security/cve/CVE-2021-47609"
},
{
"category": "external",
"summary": "SUSE Bug 1226562 for CVE-2021-47609",
"url": "https://bugzilla.suse.com/1226562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47609"
},
{
"cve": "CVE-2021-47617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pciehp: Fix infinite loop in IRQ handler upon power fault\n\nThe Power Fault Detected bit in the Slot Status register differs from\nall other hotplug events in that it is sticky: It can only be cleared\nafter turning off slot power. Per PCIe r5.0, sec. 6.7.1.8:\n\n If a power controller detects a main power fault on the hot-plug slot,\n it must automatically set its internal main power fault latch [...].\n The main power fault latch is cleared when software turns off power to\n the hot-plug slot.\n\nThe stickiness used to cause interrupt storms and infinite loops which\nwere fixed in 2009 by commits 5651c48cfafe (\"PCI pciehp: fix power fault\ninterrupt storm problem\") and 99f0169c17f3 (\"PCI: pciehp: enable\nsoftware notification on empty slots\").\n\nUnfortunately in 2020 the infinite loop issue was inadvertently\nreintroduced by commit 8edf5332c393 (\"PCI: pciehp: Fix MSI interrupt\nrace\"): The hardirq handler pciehp_isr() clears the PFD bit until\npciehp\u0027s power_fault_detected flag is set. That happens in the IRQ\nthread pciehp_ist(), which never learns of the event because the hardirq\nhandler is stuck in an infinite loop. Fix by setting the\npower_fault_detected flag already in the hardirq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47617",
"url": "https://www.suse.com/security/cve/CVE-2021-47617"
},
{
"category": "external",
"summary": "SUSE Bug 1226614 for CVE-2021-47617",
"url": "https://bugzilla.suse.com/1226614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2021-47617"
},
{
"cve": "CVE-2022-48711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: improve size validations for received domain records\n\nThe function tipc_mon_rcv() allows a node to receive and process\ndomain_record structs from peer nodes to track their views of the\nnetwork topology.\n\nThis patch verifies that the number of members in a received domain\nrecord does not exceed the limit defined by MAX_MON_DOMAIN, something\nthat may otherwise lead to a stack overflow.\n\ntipc_mon_rcv() is called from the function tipc_link_proto_rcv(), where\nwe are reading a 32 bit message data length field into a uint16. To\navert any risk of bit overflow, we add an extra sanity check for this in\nthat function. We cannot see that happen with the current code, but\nfuture designers being unaware of this risk, may introduce it by\nallowing delivery of very large (\u003e 64k) sk buffers from the bearer\nlayer. This potential problem was identified by Eric Dumazet.\n\nThis fixes CVE-2022-0435",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48711",
"url": "https://www.suse.com/security/cve/CVE-2022-48711"
},
{
"category": "external",
"summary": "SUSE Bug 1226672 for CVE-2022-48711",
"url": "https://bugzilla.suse.com/1226672"
},
{
"category": "external",
"summary": "SUSE Bug 1227473 for CVE-2022-48711",
"url": "https://bugzilla.suse.com/1227473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2022-48711"
},
{
"cve": "CVE-2022-48715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Make bnx2fc_recv_frame() mp safe\n\nRunning tests with a debug kernel shows that bnx2fc_recv_frame() is\nmodifying the per_cpu lport stats counters in a non-mpsafe way. Just boot\na debug kernel and run the bnx2fc driver with the hardware enabled.\n\n[ 1391.699147] BUG: using smp_processor_id() in preemptible [00000000] code: bnx2fc_\n[ 1391.699160] caller is bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699174] CPU: 2 PID: 4355 Comm: bnx2fc_l2_threa Kdump: loaded Tainted: G B\n[ 1391.699180] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n[ 1391.699183] Call Trace:\n[ 1391.699188] dump_stack_lvl+0x57/0x7d\n[ 1391.699198] check_preemption_disabled+0xc8/0xd0\n[ 1391.699205] bnx2fc_recv_frame+0xbf9/0x1760 [bnx2fc]\n[ 1391.699215] ? do_raw_spin_trylock+0xb5/0x180\n[ 1391.699221] ? bnx2fc_npiv_create_vports.isra.0+0x4e0/0x4e0 [bnx2fc]\n[ 1391.699229] ? bnx2fc_l2_rcv_thread+0xb7/0x3a0 [bnx2fc]\n[ 1391.699240] bnx2fc_l2_rcv_thread+0x1af/0x3a0 [bnx2fc]\n[ 1391.699250] ? bnx2fc_ulp_init+0xc0/0xc0 [bnx2fc]\n[ 1391.699258] kthread+0x364/0x420\n[ 1391.699263] ? _raw_spin_unlock_irq+0x24/0x50\n[ 1391.699268] ? set_kthread_struct+0x100/0x100\n[ 1391.699273] ret_from_fork+0x22/0x30\n\nRestore the old get_cpu/put_cpu code with some modifications to reduce the\nsize of the critical section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48715",
"url": "https://www.suse.com/security/cve/CVE-2022-48715"
},
{
"category": "external",
"summary": "SUSE Bug 1226621 for CVE-2022-48715",
"url": "https://bugzilla.suse.com/1226621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "low"
}
],
"title": "CVE-2022-48715"
},
{
"cve": "CVE-2022-48722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb\u0027s\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48722",
"url": "https://www.suse.com/security/cve/CVE-2022-48722"
},
{
"category": "external",
"summary": "SUSE Bug 1226619 for CVE-2022-48722",
"url": "https://bugzilla.suse.com/1226619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48722"
},
{
"cve": "CVE-2022-48732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac\u0027s with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48732",
"url": "https://www.suse.com/security/cve/CVE-2022-48732"
},
{
"category": "external",
"summary": "SUSE Bug 1226716 for CVE-2022-48732",
"url": "https://bugzilla.suse.com/1226716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48732"
},
{
"cve": "CVE-2022-48733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free after failure to create a snapshot\n\nAt ioctl.c:create_snapshot(), we allocate a pending snapshot structure and\nthen attach it to the transaction\u0027s list of pending snapshots. After that\nwe call btrfs_commit_transaction(), and if that returns an error we jump\nto \u0027fail\u0027 label, where we kfree() the pending snapshot structure. This can\nresult in a later use-after-free of the pending snapshot:\n\n1) We allocated the pending snapshot and added it to the transaction\u0027s\n list of pending snapshots;\n\n2) We call btrfs_commit_transaction(), and it fails either at the first\n call to btrfs_run_delayed_refs() or btrfs_start_dirty_block_groups().\n In both cases, we don\u0027t abort the transaction and we release our\n transaction handle. We jump to the \u0027fail\u0027 label and free the pending\n snapshot structure. We return with the pending snapshot still in the\n transaction\u0027s list;\n\n3) Another task commits the transaction. This time there\u0027s no error at\n all, and then during the transaction commit it accesses a pointer\n to the pending snapshot structure that the snapshot creation task\n has already freed, resulting in a user-after-free.\n\nThis issue could actually be detected by smatch, which produced the\nfollowing warning:\n\n fs/btrfs/ioctl.c:843 create_snapshot() warn: \u0027\u0026pending_snapshot-\u003elist\u0027 not removed from list\n\nSo fix this by not having the snapshot creation ioctl directly add the\npending snapshot to the transaction\u0027s list. Instead add the pending\nsnapshot to the transaction handle, and then at btrfs_commit_transaction()\nwe add the snapshot to the list only when we can guarantee that any error\nreturned after that point will result in a transaction abort, in which\ncase the ioctl code can safely free the pending snapshot and no one can\naccess it anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48733",
"url": "https://www.suse.com/security/cve/CVE-2022-48733"
},
{
"category": "external",
"summary": "SUSE Bug 1226718 for CVE-2022-48733",
"url": "https://bugzilla.suse.com/1226718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48733"
},
{
"cve": "CVE-2022-48740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix double free of cond_list on error paths\n\nOn error path from cond_read_list() and duplicate_policydb_cond_list()\nthe cond_list_destroy() gets called a second time in caller functions,\nresulting in NULL pointer deref. Fix this by resetting the\ncond_list_len to 0 in cond_list_destroy(), making subsequent calls a\nnoop.\n\nAlso consistently reset the cond_list pointer to NULL after freeing.\n\n[PM: fix line lengths in the description]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48740",
"url": "https://www.suse.com/security/cve/CVE-2022-48740"
},
{
"category": "external",
"summary": "SUSE Bug 1226699 for CVE-2022-48740",
"url": "https://bugzilla.suse.com/1226699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48740"
},
{
"cve": "CVE-2022-48743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48743",
"url": "https://www.suse.com/security/cve/CVE-2022-48743"
},
{
"category": "external",
"summary": "SUSE Bug 1226705 for CVE-2022-48743",
"url": "https://bugzilla.suse.com/1226705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48743"
},
{
"cve": "CVE-2022-48754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphylib: fix potential use-after-free\n\nCommit bafbdd527d56 (\"phylib: Add device reset GPIO support\") added call\nto phy_device_reset(phydev) after the put_device() call in phy_detach().\n\nThe comment before the put_device() call says that the phydev might go\naway with put_device().\n\nFix potential use-after-free by calling phy_device_reset() before\nput_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48754",
"url": "https://www.suse.com/security/cve/CVE-2022-48754"
},
{
"category": "external",
"summary": "SUSE Bug 1226692 for CVE-2022-48754",
"url": "https://bugzilla.suse.com/1226692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48754"
},
{
"cve": "CVE-2022-48756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48756",
"url": "https://www.suse.com/security/cve/CVE-2022-48756"
},
{
"category": "external",
"summary": "SUSE Bug 1226698 for CVE-2022-48756",
"url": "https://bugzilla.suse.com/1226698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48756"
},
{
"cve": "CVE-2022-48758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port\u0027s destroy_work queue. It\u0027s not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w \u0026\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group \u0027power\u0027 not found for kobject \u0027rport-2:0-0\u0027\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48758",
"url": "https://www.suse.com/security/cve/CVE-2022-48758"
},
{
"category": "external",
"summary": "SUSE Bug 1226708 for CVE-2022-48758",
"url": "https://bugzilla.suse.com/1226708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48758"
},
{
"cve": "CVE-2022-48759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev\n\nstruct rpmsg_ctrldev contains a struct cdev. The current code frees\nthe rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the\ncdev is a managed object, therefore its release is not predictable\nand the rpmsg_ctrldev could be freed before the cdev is entirely\nreleased, as in the backtrace below.\n\n[ 93.625603] ODEBUG: free active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x7c\n[ 93.636115] WARNING: CPU: 0 PID: 12 at lib/debugobjects.c:488 debug_print_object+0x13c/0x1b0\n[ 93.644799] Modules linked in: veth xt_cgroup xt_MASQUERADE rfcomm algif_hash algif_skcipher af_alg uinput ip6table_nat fuse uvcvideo videobuf2_vmalloc venus_enc venus_dec videobuf2_dma_contig hci_uart btandroid btqca snd_soc_rt5682_i2c bluetooth qcom_spmi_temp_alarm snd_soc_rt5682v\n[ 93.715175] CPU: 0 PID: 12 Comm: kworker/0:1 Tainted: G B 5.4.163-lockdep #26\n[ 93.723855] Hardware name: Google Lazor (rev3 - 8) with LTE (DT)\n[ 93.730055] Workqueue: events kobject_delayed_cleanup\n[ 93.735271] pstate: 60c00009 (nZCv daif +PAN +UAO)\n[ 93.740216] pc : debug_print_object+0x13c/0x1b0\n[ 93.744890] lr : debug_print_object+0x13c/0x1b0\n[ 93.749555] sp : ffffffacf5bc7940\n[ 93.752978] x29: ffffffacf5bc7940 x28: dfffffd000000000\n[ 93.758448] x27: ffffffacdb11a800 x26: dfffffd000000000\n[ 93.763916] x25: ffffffd0734f856c x24: dfffffd000000000\n[ 93.769389] x23: 0000000000000000 x22: ffffffd0733c35b0\n[ 93.774860] x21: ffffffd0751994a0 x20: ffffffd075ec27c0\n[ 93.780338] x19: ffffffd075199100 x18: 00000000000276e0\n[ 93.785814] x17: 0000000000000000 x16: dfffffd000000000\n[ 93.791291] x15: ffffffffffffffff x14: 6e6968207473696c\n[ 93.796768] x13: 0000000000000000 x12: ffffffd075e2b000\n[ 93.802244] x11: 0000000000000001 x10: 0000000000000000\n[ 93.807723] x9 : d13400dff1921900 x8 : d13400dff1921900\n[ 93.813200] x7 : 0000000000000000 x6 : 0000000000000000\n[ 93.818676] x5 : 0000000000000080 x4 : 0000000000000000\n[ 93.824152] x3 : ffffffd0732a0fa4 x2 : 0000000000000001\n[ 93.829628] x1 : ffffffacf5bc7580 x0 : 0000000000000061\n[ 93.835104] Call trace:\n[ 93.837644] debug_print_object+0x13c/0x1b0\n[ 93.841963] __debug_check_no_obj_freed+0x25c/0x3c0\n[ 93.846987] debug_check_no_obj_freed+0x18/0x20\n[ 93.851669] slab_free_freelist_hook+0xbc/0x1e4\n[ 93.856346] kfree+0xfc/0x2f4\n[ 93.859416] rpmsg_ctrldev_release_device+0x78/0xb8\n[ 93.864445] device_release+0x84/0x168\n[ 93.868310] kobject_cleanup+0x12c/0x298\n[ 93.872356] kobject_delayed_cleanup+0x10/0x18\n[ 93.876948] process_one_work+0x578/0x92c\n[ 93.881086] worker_thread+0x804/0xcf8\n[ 93.884963] kthread+0x2a8/0x314\n[ 93.888303] ret_from_fork+0x10/0x18\n\nThe cdev_device_add/del() API was created to address this issue (see\ncommit \u0027233ed09d7fda (\"chardev: add helper function to register char\ndevs with a struct device\")\u0027), use it instead of cdev add/del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48759",
"url": "https://www.suse.com/security/cve/CVE-2022-48759"
},
{
"category": "external",
"summary": "SUSE Bug 1226711 for CVE-2022-48759",
"url": "https://bugzilla.suse.com/1226711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48759"
},
{
"cve": "CVE-2022-48760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix hang in usb_kill_urb by adding memory barriers\n\nThe syzbot fuzzer has identified a bug in which processes hang waiting\nfor usb_kill_urb() to return. It turns out the issue is not unlinking\nthe URB; that works just fine. Rather, the problem arises when the\nwakeup notification that the URB has completed is not received.\n\nThe reason is memory-access ordering on SMP systems. In outline form,\nusb_kill_urb() and __usb_hcd_giveback_urb() operating concurrently on\ndifferent CPUs perform the following actions:\n\nCPU 0\t\t\t\t\tCPU 1\n----------------------------\t\t---------------------------------\nusb_kill_urb():\t\t\t\t__usb_hcd_giveback_urb():\n ...\t\t\t\t\t ...\n atomic_inc(\u0026urb-\u003ereject);\t\t atomic_dec(\u0026urb-\u003euse_count);\n ...\t\t\t\t\t ...\n wait_event(usb_kill_urb_queue,\n\tatomic_read(\u0026urb-\u003euse_count) == 0);\n\t\t\t\t\t if (atomic_read(\u0026urb-\u003ereject))\n\t\t\t\t\t\twake_up(\u0026usb_kill_urb_queue);\n\nConfining your attention to urb-\u003ereject and urb-\u003euse_count, you can\nsee that the overall pattern of accesses on CPU 0 is:\n\n\twrite urb-\u003ereject, then read urb-\u003euse_count;\n\nwhereas the overall pattern of accesses on CPU 1 is:\n\n\twrite urb-\u003euse_count, then read urb-\u003ereject.\n\nThis pattern is referred to in memory-model circles as SB (for \"Store\nBuffering\"), and it is well known that without suitable enforcement of\nthe desired order of accesses -- in the form of memory barriers -- it\nis entirely possible for one or both CPUs to execute their reads ahead\nof their writes. The end result will be that sometimes CPU 0 sees the\nold un-decremented value of urb-\u003euse_count while CPU 1 sees the old\nun-incremented value of urb-\u003ereject. Consequently CPU 0 ends up on\nthe wait queue and never gets woken up, leading to the observed hang\nin usb_kill_urb().\n\nThe same pattern of accesses occurs in usb_poison_urb() and the\nfailure pathway of usb_hcd_submit_urb().\n\nThe problem is fixed by adding suitable memory barriers. To provide\nproper memory-access ordering in the SB pattern, a full barrier is\nrequired on both CPUs. The atomic_inc() and atomic_dec() accesses\nthemselves don\u0027t provide any memory ordering, but since they are\npresent, we can use the optimized smp_mb__after_atomic() memory\nbarrier in the various routines to obtain the desired effect.\n\nThis patch adds the necessary memory barriers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48760",
"url": "https://www.suse.com/security/cve/CVE-2022-48760"
},
{
"category": "external",
"summary": "SUSE Bug 1226712 for CVE-2022-48760",
"url": "https://bugzilla.suse.com/1226712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48760"
},
{
"cve": "CVE-2022-48761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci-plat: fix crash when suspend if remote wake enable\n\nCrashed at i.mx8qm platform when suspend if enable remote wakeup\n\nInternal error: synchronous external abort: 96000210 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 PID: 244 Comm: kworker/u12:6 Not tainted 5.15.5-dirty #12\nHardware name: Freescale i.MX8QM MEK (DT)\nWorkqueue: events_unbound async_run_entry_fn\npstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : xhci_disable_hub_port_wake.isra.62+0x60/0xf8\nlr : xhci_disable_hub_port_wake.isra.62+0x34/0xf8\nsp : ffff80001394bbf0\nx29: ffff80001394bbf0 x28: 0000000000000000 x27: ffff00081193b578\nx26: ffff00081193b570 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff00081193a29c x22: 0000000000020001 x21: 0000000000000001\nx20: 0000000000000000 x19: ffff800014e90490 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000000 x13: 0000000000000002 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000960 x9 : ffff80001394baa0\nx8 : ffff0008145d1780 x7 : ffff0008f95b8e80 x6 : 000000001853b453\nx5 : 0000000000000496 x4 : 0000000000000000 x3 : ffff00081193a29c\nx2 : 0000000000000001 x1 : 0000000000000000 x0 : ffff000814591620\nCall trace:\n xhci_disable_hub_port_wake.isra.62+0x60/0xf8\n xhci_suspend+0x58/0x510\n xhci_plat_suspend+0x50/0x78\n platform_pm_suspend+0x2c/0x78\n dpm_run_callback.isra.25+0x50/0xe8\n __device_suspend+0x108/0x3c0\n\nThe basic flow:\n\t1. run time suspend call xhci_suspend, xhci parent devices gate the clock.\n 2. echo mem \u003e/sys/power/state, system _device_suspend call xhci_suspend\n 3. xhci_suspend call xhci_disable_hub_port_wake, which access register,\n\t but clock already gated by run time suspend.\n\nThis problem was hidden by power domain driver, which call run time resume before it.\n\nBut the below commit remove it and make this issue happen.\n\tcommit c1df456d0f06e (\"PM: domains: Don\u0027t runtime resume devices at genpd_prepare()\")\n\nThis patch call run time resume before suspend to make sure clock is on\nbefore access register.\n\nTesteb-by: Abel Vesa \u003cabel.vesa@nxp.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48761",
"url": "https://www.suse.com/security/cve/CVE-2022-48761"
},
{
"category": "external",
"summary": "SUSE Bug 1226701 for CVE-2022-48761",
"url": "https://bugzilla.suse.com/1226701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48761"
},
{
"cve": "CVE-2022-48771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix stale file descriptors on failed usercopy\n\nA failing usercopy of the fence_rep object will lead to a stale entry in\nthe file descriptor table as put_unused_fd() won\u0027t release it. This\nenables userland to refer to a dangling \u0027file\u0027 object through that still\nvalid file descriptor, leading to all kinds of use-after-free\nexploitation scenarios.\n\nFix this by deferring the call to fd_install() until after the usercopy\nhas succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48771",
"url": "https://www.suse.com/security/cve/CVE-2022-48771"
},
{
"category": "external",
"summary": "SUSE Bug 1226732 for CVE-2022-48771",
"url": "https://bugzilla.suse.com/1226732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48771"
},
{
"cve": "CVE-2022-48772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] \u003cTASK\u003e\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48772",
"url": "https://www.suse.com/security/cve/CVE-2022-48772"
},
{
"category": "external",
"summary": "SUSE Bug 1226976 for CVE-2022-48772",
"url": "https://bugzilla.suse.com/1226976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2022-48772"
},
{
"cve": "CVE-2023-24023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-24023"
}
],
"notes": [
{
"category": "general",
"text": "Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-24023",
"url": "https://www.suse.com/security/cve/CVE-2023-24023"
},
{
"category": "external",
"summary": "SUSE Bug 1218148 for CVE-2023-24023",
"url": "https://bugzilla.suse.com/1218148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-24023"
},
{
"cve": "CVE-2023-52622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) ~ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52622",
"url": "https://www.suse.com/security/cve/CVE-2023-52622"
},
{
"category": "external",
"summary": "SUSE Bug 1222080 for CVE-2023-52622",
"url": "https://bugzilla.suse.com/1222080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52622"
},
{
"cve": "CVE-2023-52675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/imc-pmu: Add a null pointer check in update_events_in_group()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52675",
"url": "https://www.suse.com/security/cve/CVE-2023-52675"
},
{
"category": "external",
"summary": "SUSE Bug 1224504 for CVE-2023-52675",
"url": "https://bugzilla.suse.com/1224504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52675"
},
{
"cve": "CVE-2023-52737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52737"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: lock the inode in shared mode before starting fiemap\n\nCurrently fiemap does not take the inode\u0027s lock (VFS lock), it only locks\na file range in the inode\u0027s io tree. This however can lead to a deadlock\nif we have a concurrent fsync on the file and fiemap code triggers a fault\nwhen accessing the user space buffer with fiemap_fill_next_extent(). The\ndeadlock happens on the inode\u0027s i_mmap_lock semaphore, which is taken both\nby fsync and btrfs_page_mkwrite(). This deadlock was recently reported by\nsyzbot and triggers a trace like the following:\n\n task:syz-executor361 state:D stack:20264 pid:5668 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n wait_on_state fs/btrfs/extent-io-tree.c:707 [inline]\n wait_extent_bit+0x577/0x6f0 fs/btrfs/extent-io-tree.c:751\n lock_extent+0x1c2/0x280 fs/btrfs/extent-io-tree.c:1742\n find_lock_delalloc_range+0x4e6/0x9c0 fs/btrfs/extent_io.c:488\n writepage_delalloc+0x1ef/0x540 fs/btrfs/extent_io.c:1863\n __extent_writepage+0x736/0x14e0 fs/btrfs/extent_io.c:2174\n extent_write_cache_pages+0x983/0x1220 fs/btrfs/extent_io.c:3091\n extent_writepages+0x219/0x540 fs/btrfs/extent_io.c:3211\n do_writepages+0x3c3/0x680 mm/page-writeback.c:2581\n filemap_fdatawrite_wbc+0x11e/0x170 mm/filemap.c:388\n __filemap_fdatawrite_range mm/filemap.c:421 [inline]\n filemap_fdatawrite_range+0x175/0x200 mm/filemap.c:439\n btrfs_fdatawrite_range fs/btrfs/file.c:3850 [inline]\n start_ordered_ops fs/btrfs/file.c:1737 [inline]\n btrfs_sync_file+0x4ff/0x1190 fs/btrfs/file.c:1839\n generic_write_sync include/linux/fs.h:2885 [inline]\n btrfs_do_write_iter+0xcd3/0x1280 fs/btrfs/file.c:1684\n call_write_iter include/linux/fs.h:2189 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x7dc/0xc50 fs/read_write.c:584\n ksys_write+0x177/0x2a0 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f7d4054e9b9\n RSP: 002b:00007f7d404fa2f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n RAX: ffffffffffffffda RBX: 00007f7d405d87a0 RCX: 00007f7d4054e9b9\n RDX: 0000000000000090 RSI: 0000000020000000 RDI: 0000000000000006\n RBP: 00007f7d405a51d0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 61635f65646f6e69\n R13: 65646f7475616f6e R14: 7261637369646f6e R15: 00007f7d405d87a8\n \u003c/TASK\u003e\n INFO: task syz-executor361:5697 blocked for more than 145 seconds.\n Not tainted 6.2.0-rc3-syzkaller-00376-g7c6984405241 #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:syz-executor361 state:D stack:21216 pid:5697 ppid:5119 flags:0x00004004\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5293 [inline]\n __schedule+0x995/0xe20 kernel/sched/core.c:6606\n schedule+0xcb/0x190 kernel/sched/core.c:6682\n rwsem_down_read_slowpath+0x5f9/0x930 kernel/locking/rwsem.c:1095\n __down_read_common+0x54/0x2a0 kernel/locking/rwsem.c:1260\n btrfs_page_mkwrite+0x417/0xc80 fs/btrfs/inode.c:8526\n do_page_mkwrite+0x19e/0x5e0 mm/memory.c:2947\n wp_page_shared+0x15e/0x380 mm/memory.c:3295\n handle_pte_fault mm/memory.c:4949 [inline]\n __handle_mm_fault mm/memory.c:5073 [inline]\n handle_mm_fault+0x1b79/0x26b0 mm/memory.c:5219\n do_user_addr_fault+0x69b/0xcb0 arch/x86/mm/fault.c:1428\n handle_page_fault arch/x86/mm/fault.c:1519 [inline]\n exc_page_fault+0x7a/0x110 arch/x86/mm/fault.c:1575\n asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570\n RIP: 0010:copy_user_short_string+0xd/0x40 arch/x86/lib/copy_user_64.S:233\n Code: 74 0a 89 (...)\n RSP: 0018:ffffc9000570f330 EFLAGS: 000502\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52737",
"url": "https://www.suse.com/security/cve/CVE-2023-52737"
},
{
"category": "external",
"summary": "SUSE Bug 1225484 for CVE-2023-52737",
"url": "https://bugzilla.suse.com/1225484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52737"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver. It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor. Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52754",
"url": "https://www.suse.com/security/cve/CVE-2023-52754"
},
{
"category": "external",
"summary": "SUSE Bug 1225490 for CVE-2023-52754",
"url": "https://bugzilla.suse.com/1225490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52754"
},
{
"cve": "CVE-2023-52757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when releasing mids\n\nAll release_mid() callers seem to hold a reference of @mid so there is\nno need to call kref_put(\u0026mid-\u003erefcount, __release_mid) under\n@server-\u003emid_lock spinlock. If they don\u0027t, then an use-after-free bug\nwould have occurred anyways.\n\nBy getting rid of such spinlock also fixes a potential deadlock as\nshown below\n\nCPU 0 CPU 1\n------------------------------------------------------------------\ncifs_demultiplex_thread() cifs_debug_data_proc_show()\n release_mid()\n spin_lock(\u0026server-\u003emid_lock);\n spin_lock(\u0026cifs_tcp_ses_lock)\n\t\t\t\t spin_lock(\u0026server-\u003emid_lock)\n __release_mid()\n smb2_find_smb_tcon()\n spin_lock(\u0026cifs_tcp_ses_lock) *deadlock*",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52757",
"url": "https://www.suse.com/security/cve/CVE-2023-52757"
},
{
"category": "external",
"summary": "SUSE Bug 1225548 for CVE-2023-52757",
"url": "https://bugzilla.suse.com/1225548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52757"
},
{
"cve": "CVE-2023-52762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52762",
"url": "https://www.suse.com/security/cve/CVE-2023-52762"
},
{
"category": "external",
"summary": "SUSE Bug 1225573 for CVE-2023-52762",
"url": "https://bugzilla.suse.com/1225573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52762"
},
{
"cve": "CVE-2023-52764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52764",
"url": "https://www.suse.com/security/cve/CVE-2023-52764"
},
{
"category": "external",
"summary": "SUSE Bug 1225571 for CVE-2023-52764",
"url": "https://bugzilla.suse.com/1225571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52764"
},
{
"cve": "CVE-2023-52784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52784",
"url": "https://www.suse.com/security/cve/CVE-2023-52784"
},
{
"category": "external",
"summary": "SUSE Bug 1224946 for CVE-2023-52784",
"url": "https://bugzilla.suse.com/1224946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52784"
},
{
"cve": "CVE-2023-52808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs\n\nIf init debugfs failed during device registration due to memory allocation\nfailure, debugfs_remove_recursive() is called, after which debugfs_dir is\nnot set to NULL. debugfs_remove_recursive() will be called again during\ndevice removal. As a result, illegal pointer is accessed.\n\n[ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs!\n...\n[ 1669.836708] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0\n[ 1669.872669] pc : down_write+0x24/0x70\n[ 1669.876315] lr : down_write+0x1c/0x70\n[ 1669.879961] sp : ffff000036f53a30\n[ 1669.883260] x29: ffff000036f53a30 x28: ffffa027c31549f8\n[ 1669.888547] x27: ffffa027c3140000 x26: 0000000000000000\n[ 1669.893834] x25: ffffa027bf37c270 x24: ffffa027bf37c270\n[ 1669.899122] x23: ffff0000095406b8 x22: ffff0000095406a8\n[ 1669.904408] x21: 0000000000000000 x20: ffffa027bf37c310\n[ 1669.909695] x19: 00000000000000a0 x18: ffff8027dcd86f10\n[ 1669.914982] x17: 0000000000000000 x16: 0000000000000000\n[ 1669.920268] x15: 0000000000000000 x14: ffffa0274014f870\n[ 1669.925555] x13: 0000000000000040 x12: 0000000000000228\n[ 1669.930842] x11: 0000000000000020 x10: 0000000000000bb0\n[ 1669.936129] x9 : ffff000036f537f0 x8 : ffff80273088ca10\n[ 1669.941416] x7 : 000000000000001d x6 : 00000000ffffffff\n[ 1669.946702] x5 : ffff000008a36310 x4 : ffff80273088be00\n[ 1669.951989] x3 : ffff000009513e90 x2 : 0000000000000000\n[ 1669.957276] x1 : 00000000000000a0 x0 : ffffffff00000001\n[ 1669.962563] Call trace:\n[ 1669.965000] down_write+0x24/0x70\n[ 1669.968301] debugfs_remove_recursive+0x5c/0x1b0\n[ 1669.972905] hisi_sas_debugfs_exit+0x24/0x30 [hisi_sas_main]\n[ 1669.978541] hisi_sas_v3_remove+0x130/0x150 [hisi_sas_v3_hw]\n[ 1669.984175] pci_device_remove+0x48/0xd8\n[ 1669.988082] device_release_driver_internal+0x1b4/0x250\n[ 1669.993282] device_release_driver+0x28/0x38\n[ 1669.997534] pci_stop_bus_device+0x84/0xb8\n[ 1670.001611] pci_stop_and_remove_bus_device_locked+0x24/0x40\n[ 1670.007244] remove_store+0xfc/0x140\n[ 1670.010802] dev_attr_store+0x44/0x60\n[ 1670.014448] sysfs_kf_write+0x58/0x80\n[ 1670.018095] kernfs_fop_write+0xe8/0x1f0\n[ 1670.022000] __vfs_write+0x60/0x190\n[ 1670.025472] vfs_write+0xac/0x1c0\n[ 1670.028771] ksys_write+0x6c/0xd8\n[ 1670.032071] __arm64_sys_write+0x24/0x30\n[ 1670.035977] el0_svc_common+0x78/0x130\n[ 1670.039710] el0_svc_handler+0x38/0x78\n[ 1670.043442] el0_svc+0x8/0xc\n\nTo fix this, set debugfs_dir to NULL after debugfs_remove_recursive().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52808",
"url": "https://www.suse.com/security/cve/CVE-2023-52808"
},
{
"category": "external",
"summary": "SUSE Bug 1225555 for CVE-2023-52808",
"url": "https://bugzilla.suse.com/1225555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52808"
},
{
"cve": "CVE-2023-52809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52809",
"url": "https://www.suse.com/security/cve/CVE-2023-52809"
},
{
"category": "external",
"summary": "SUSE Bug 1225556 for CVE-2023-52809",
"url": "https://bugzilla.suse.com/1225556"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52809"
},
{
"cve": "CVE-2023-52811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52811",
"url": "https://www.suse.com/security/cve/CVE-2023-52811"
},
{
"category": "external",
"summary": "SUSE Bug 1225559 for CVE-2023-52811",
"url": "https://bugzilla.suse.com/1225559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52811"
},
{
"cve": "CVE-2023-52832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52832",
"url": "https://www.suse.com/security/cve/CVE-2023-52832"
},
{
"category": "external",
"summary": "SUSE Bug 1225577 for CVE-2023-52832",
"url": "https://bugzilla.suse.com/1225577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52832"
},
{
"cve": "CVE-2023-52834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52834",
"url": "https://www.suse.com/security/cve/CVE-2023-52834"
},
{
"category": "external",
"summary": "SUSE Bug 1225599 for CVE-2023-52834",
"url": "https://bugzilla.suse.com/1225599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52834"
},
{
"cve": "CVE-2023-52835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Bail out early if the request AUX area is out of bound\n\nWhen perf-record with a large AUX area, e.g 4GB, it fails with:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)\n\nand it reveals a WARNING with __alloc_pages():\n\n\t------------[ cut here ]------------\n\tWARNING: CPU: 44 PID: 17573 at mm/page_alloc.c:5568 __alloc_pages+0x1ec/0x248\n\tCall trace:\n\t __alloc_pages+0x1ec/0x248\n\t __kmalloc_large_node+0xc0/0x1f8\n\t __kmalloc_node+0x134/0x1e8\n\t rb_alloc_aux+0xe0/0x298\n\t perf_mmap+0x440/0x660\n\t mmap_region+0x308/0x8a8\n\t do_mmap+0x3c0/0x528\n\t vm_mmap_pgoff+0xf4/0x1b8\n\t ksys_mmap_pgoff+0x18c/0x218\n\t __arm64_sys_mmap+0x38/0x58\n\t invoke_syscall+0x50/0x128\n\t el0_svc_common.constprop.0+0x58/0x188\n\t do_el0_svc+0x34/0x50\n\t el0_svc+0x34/0x108\n\t el0t_64_sync_handler+0xb8/0xc0\n\t el0t_64_sync+0x1a4/0x1a8\n\n\u0027rb-\u003eaux_pages\u0027 allocated by kcalloc() is a pointer array which is used to\nmaintains AUX trace pages. The allocated page for this array is physically\ncontiguous (and virtually contiguous) with an order of 0..MAX_ORDER. If the\nsize of pointer array crosses the limitation set by MAX_ORDER, it reveals a\nWARNING.\n\nSo bail out early with -ENOMEM if the request AUX area is out of bound,\ne.g.:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52835",
"url": "https://www.suse.com/security/cve/CVE-2023-52835"
},
{
"category": "external",
"summary": "SUSE Bug 1225602 for CVE-2023-52835",
"url": "https://bugzilla.suse.com/1225602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52835"
},
{
"cve": "CVE-2023-52843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: verify mac len before reading mac header\n\nLLC reads the mac header with eth_hdr without verifying that the skb\nhas an Ethernet header.\n\nSyzbot was able to enter llc_rcv on a tun device. Tun can insert\npackets without mac len and with user configurable skb-\u003eprotocol\n(passing a tun_pi header when not configuring IFF_NO_PI).\n\n BUG: KMSAN: uninit-value in llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n BUG: KMSAN: uninit-value in llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_rcv+0xc5d/0x14a0 net/llc/llc_input.c:218\n __netif_receive_skb_one_core net/core/dev.c:5523 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5637\n netif_receive_skb_internal net/core/dev.c:5723 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5782\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x54c5/0x69c0 drivers/net/tun.c:2002\n\nAdd a mac_len test before all three eth_hdr(skb) calls under net/llc.\n\nThere are further uses in include/net/llc_pdu.h. All these are\nprotected by a test skb-\u003eprotocol == ETH_P_802_2. Which does not\nprotect against this tun scenario.\n\nBut the mac_len test added in this patch in llc_fixup_skb will\nindirectly protect those too. That is called from llc_rcv before any\nother LLC code.\n\nIt is tempting to just add a blanket mac_len check in llc_rcv, but\nnot sure whether that could break valid LLC paths that do not assume\nan Ethernet header. 802.2 LLC may be used on top of non-802.3\nprotocols in principle. The below referenced commit shows that used\nto, on top of Token Ring.\n\nAt least one of the three eth_hdr uses goes back to before the start\nof git history. But the one that syzbot exercises is introduced in\nthis commit. That commit is old enough (2008), that effectively all\nstable kernels should receive this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52843",
"url": "https://www.suse.com/security/cve/CVE-2023-52843"
},
{
"category": "external",
"summary": "SUSE Bug 1224951 for CVE-2023-52843",
"url": "https://bugzilla.suse.com/1224951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52843"
},
{
"cve": "CVE-2023-52845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52845",
"url": "https://www.suse.com/security/cve/CVE-2023-52845"
},
{
"category": "external",
"summary": "SUSE Bug 1225585 for CVE-2023-52845",
"url": "https://bugzilla.suse.com/1225585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52845"
},
{
"cve": "CVE-2023-52855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n ...\nout:\n spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52855",
"url": "https://www.suse.com/security/cve/CVE-2023-52855"
},
{
"category": "external",
"summary": "SUSE Bug 1225583 for CVE-2023-52855",
"url": "https://bugzilla.suse.com/1225583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52855"
},
{
"cve": "CVE-2023-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: do not accept ACK of bytes we never sent\n\nThis patch is based on a detailed report and ideas from Yepeng Pan\nand Christian Rossow.\n\nACK seq validation is currently following RFC 5961 5.2 guidelines:\n\n The ACK value is considered acceptable only if\n it is in the range of ((SND.UNA - MAX.SND.WND) \u003c= SEG.ACK \u003c=\n SND.NXT). All incoming segments whose ACK value doesn\u0027t satisfy the\n above condition MUST be discarded and an ACK sent back. It needs to\n be noted that RFC 793 on page 72 (fifth check) says: \"If the ACK is a\n duplicate (SEG.ACK \u003c SND.UNA), it can be ignored. If the ACK\n acknowledges something not yet sent (SEG.ACK \u003e SND.NXT) then send an\n ACK, drop the segment, and return\". The \"ignored\" above implies that\n the processing of the incoming data segment continues, which means\n the ACK value is treated as acceptable. This mitigation makes the\n ACK check more stringent since any ACK \u003c SND.UNA wouldn\u0027t be\n accepted, instead only ACKs that are in the range ((SND.UNA -\n MAX.SND.WND) \u003c= SEG.ACK \u003c= SND.NXT) get through.\n\nThis can be refined for new (and possibly spoofed) flows,\nby not accepting ACK for bytes that were never sent.\n\nThis greatly improves TCP security at a little cost.\n\nI added a Fixes: tag to make sure this patch will reach stable trees,\neven if the \u0027blamed\u0027 patch was adhering to the RFC.\n\ntp-\u003ebytes_acked was added in linux-4.2\n\nFollowing packetdrill test (courtesy of Yepeng Pan) shows\nthe issue at hand:\n\n0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3\n+0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0\n+0 bind(3, ..., ...) = 0\n+0 listen(3, 1024) = 0\n\n// ---------------- Handshake ------------------- //\n\n// when window scale is set to 14 the window size can be extended to\n// 65535 * (2^14) = 1073725440. Linux would accept an ACK packet\n// with ack number in (Server_ISN+1-1073725440. Server_ISN+1)\n// ,though this ack number acknowledges some data never\n// sent by the server.\n\n+0 \u003c S 0:0(0) win 65535 \u003cmss 1400,nop,wscale 14\u003e\n+0 \u003e S. 0:0(0) ack 1 \u003c...\u003e\n+0 \u003c . 1:1(0) ack 1 win 65535\n+0 accept(3, ..., ...) = 4\n\n// For the established connection, we send an ACK packet,\n// the ack packet uses ack number 1 - 1073725300 + 2^32,\n// where 2^32 is used to wrap around.\n// Note: we used 1073725300 instead of 1073725440 to avoid possible\n// edge cases.\n// 1 - 1073725300 + 2^32 = 3221241997\n\n// Oops, old kernels happily accept this packet.\n+0 \u003c . 1:1001(1000) ack 3221241997 win 65535\n\n// After the kernel fix the following will be replaced by a challenge ACK,\n// and prior malicious frame would be dropped.\n+0 \u003e . 1:1(0) ack 1001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52881",
"url": "https://www.suse.com/security/cve/CVE-2023-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1225611 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "external",
"summary": "SUSE Bug 1226152 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1226152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-52881"
},
{
"cve": "CVE-2024-26633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()\n\nsyzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken.\n\nReading frag_off can only be done if we pulled enough bytes\nto skb-\u003ehead. Currently we might access garbage.\n\n[1]\nBUG: KMSAN: uninit-value in ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendmsg net/socket.c:2676 [inline]\n__se_sys_sendmsg net/socket.c:2674 [inline]\n__x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\nslab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\nslab_alloc_node mm/slub.c:3478 [inline]\n__kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n__do_kmalloc_node mm/slab_common.c:1006 [inline]\n__kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:1027\nkmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\npskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098\n__pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655\npskb_may_pull_reason include/linux/skbuff.h:2673 [inline]\npskb_may_pull include/linux/skbuff.h:2681 [inline]\nip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendms\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26633",
"url": "https://www.suse.com/security/cve/CVE-2024-26633"
},
{
"category": "external",
"summary": "SUSE Bug 1221647 for CVE-2024-26633",
"url": "https://bugzilla.suse.com/1221647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26633"
},
{
"cve": "CVE-2024-26641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\n\nsyzbot found __ip6_tnl_rcv() could access unitiliazed data [1].\n\nCall pskb_inet_may_pull() to fix this, and initialize ipv6h\nvariable after this call as it can change skb-\u003ehead.\n\n[1]\n BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727\n __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845\n ip6_tnl_rcv+0xce/0x100 net/ipv6/ip6_tunnel.c:888\n gre_rcv+0x143f/0x1870\n ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438\n ip6_input_finish net/ipv6/ip6_input.c:483 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492\n ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586\n dst_input include/net/dst.h:461 [inline]\n ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5532 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5646\n netif_receive_skb_internal net/core/dev.c:5732 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5791\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n tun_alloc_skb drivers/net/tun.c:1531 [inline]\n tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 0 PID: 5034 Comm: syz-executor331 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26641",
"url": "https://www.suse.com/security/cve/CVE-2024-26641"
},
{
"category": "external",
"summary": "SUSE Bug 1221654 for CVE-2024-26641",
"url": "https://bugzilla.suse.com/1221654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26641"
},
{
"cve": "CVE-2024-26679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: read sk-\u003esk_family once in inet_recv_error()\n\ninet_recv_error() is called without holding the socket lock.\n\nIPv6 socket could mutate to IPv4 with IPV6_ADDRFORM\nsocket option and trigger a KCSAN warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26679",
"url": "https://www.suse.com/security/cve/CVE-2024-26679"
},
{
"category": "external",
"summary": "SUSE Bug 1222385 for CVE-2024-26679",
"url": "https://bugzilla.suse.com/1222385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26679"
},
{
"cve": "CVE-2024-26687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/events: close evtchn after mapping cleanup\n\nshutdown_pirq and startup_pirq are not taking the\nirq_mapping_update_lock because they can\u0027t due to lock inversion. Both\nare called with the irq_desc-\u003elock being taking. The lock order,\nhowever, is first irq_mapping_update_lock and then irq_desc-\u003elock.\n\nThis opens multiple races:\n- shutdown_pirq can be interrupted by a function that allocates an event\n channel:\n\n CPU0 CPU1\n shutdown_pirq {\n xen_evtchn_close(e)\n __startup_pirq {\n EVTCHNOP_bind_pirq\n -\u003e returns just freed evtchn e\n set_evtchn_to_irq(e, irq)\n }\n xen_irq_info_cleanup() {\n set_evtchn_to_irq(e, -1)\n }\n }\n\n Assume here event channel e refers here to the same event channel\n number.\n After this race the evtchn_to_irq mapping for e is invalid (-1).\n\n- __startup_pirq races with __unbind_from_irq in a similar way. Because\n __startup_pirq doesn\u0027t take irq_mapping_update_lock it can grab the\n evtchn that __unbind_from_irq is currently freeing and cleaning up. In\n this case even though the event channel is allocated, its mapping can\n be unset in evtchn_to_irq.\n\nThe fix is to first cleanup the mappings and then close the event\nchannel. In this way, when an event channel gets allocated it\u0027s\npotential previous evtchn_to_irq mappings are guaranteed to be unset already.\nThis is also the reverse order of the allocation where first the event\nchannel is allocated and then the mappings are setup.\n\nOn a 5.10 kernel prior to commit 3fcdaf3d7634 (\"xen/events: modify internal\n[un]bind interfaces\"), we hit a BUG like the following during probing of NVMe\ndevices. The issue is that during nvme_setup_io_queues, pci_free_irq\nis called for every device which results in a call to shutdown_pirq.\nWith many nvme devices it\u0027s therefore likely to hit this race during\nboot because there will be multiple calls to shutdown_pirq and\nstartup_pirq are running potentially in parallel.\n\n ------------[ cut here ]------------\n blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled\n kernel BUG at drivers/xen/events/events_base.c:499!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1\n Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006\n Workqueue: nvme-reset-wq nvme_reset_work\n RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0\n Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff \u003c0f\u003e 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00\n RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006\n RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff\n RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? set_affinity_irq+0xdc/0x1c0\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0x90/0x110\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? do_error_trap+0x65/0x80\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? exc_invalid_op+0x4e/0x70\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? asm_exc_invalid_op+0x12/0x20\n ? bind_evtchn_to_cpu+0xdf/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26687",
"url": "https://www.suse.com/security/cve/CVE-2024-26687"
},
{
"category": "external",
"summary": "SUSE Bug 1222435 for CVE-2024-26687",
"url": "https://bugzilla.suse.com/1222435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26687"
},
{
"cve": "CVE-2024-26720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26720"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26720",
"url": "https://www.suse.com/security/cve/CVE-2024-26720"
},
{
"category": "external",
"summary": "SUSE Bug 1222364 for CVE-2024-26720",
"url": "https://bugzilla.suse.com/1222364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26720"
},
{
"cve": "CVE-2024-26813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: Create persistent IRQ handlers\n\nThe vfio-platform SET_IRQS ioctl currently allows loopback triggering of\nan interrupt before a signaling eventfd has been configured by the user,\nwhich thereby allows a NULL pointer dereference.\n\nRather than register the IRQ relative to a valid trigger, register all\nIRQs in a disabled state in the device open path. This allows mask\noperations on the IRQ to nest within the overall enable state governed\nby a valid eventfd signal. This decouples @masked, protected by the\n@locked spinlock from @trigger, protected via the @igate mutex.\n\nIn doing so, it\u0027s guaranteed that changes to @trigger cannot race the\nIRQ handlers because the IRQ handler is synchronously disabled before\nmodifying the trigger, and loopback triggering of the IRQ via ioctl is\nsafe due to serialization with trigger changes via igate.\n\nFor compatibility, request_irq() failures are maintained to be local to\nthe SET_IRQS ioctl rather than a fatal error in the open device path.\nThis allows, for example, a userspace driver with polling mode support\nto continue to work regardless of moving the request_irq() call site.\nThis necessarily blocks all SET_IRQS access to the failed index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26813",
"url": "https://www.suse.com/security/cve/CVE-2024-26813"
},
{
"category": "external",
"summary": "SUSE Bug 1222809 for CVE-2024-26813",
"url": "https://bugzilla.suse.com/1222809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26813"
},
{
"cve": "CVE-2024-26845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Add TMF to tmr_list handling\n\nAn abort that is responded to by iSCSI itself is added to tmr_list but does\nnot go to target core. A LUN_RESET that goes through tmr_list takes a\nrefcounter on the abort and waits for completion. However, the abort will\nbe never complete because it was not started in target core.\n\n Unable to locate ITT: 0x05000000 on CID: 0\n Unable to locate RefTaskTag: 0x05000000 on CID: 0.\n wait_for_tasks: Stopping tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n wait for tasks: tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n...\n INFO: task kworker/0:2:49 blocked for more than 491 seconds.\n task:kworker/0:2 state:D stack: 0 pid: 49 ppid: 2 flags:0x00000800\n Workqueue: events target_tmr_work [target_core_mod]\nCall Trace:\n __switch_to+0x2c4/0x470\n _schedule+0x314/0x1730\n schedule+0x64/0x130\n schedule_timeout+0x168/0x430\n wait_for_completion+0x140/0x270\n target_put_cmd_and_wait+0x64/0xb0 [target_core_mod]\n core_tmr_lun_reset+0x30/0xa0 [target_core_mod]\n target_tmr_work+0xc8/0x1b0 [target_core_mod]\n process_one_work+0x2d4/0x5d0\n worker_thread+0x78/0x6c0\n\nTo fix this, only add abort to tmr_list if it will be handled by target\ncore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26845",
"url": "https://www.suse.com/security/cve/CVE-2024-26845"
},
{
"category": "external",
"summary": "SUSE Bug 1223018 for CVE-2024-26845",
"url": "https://bugzilla.suse.com/1223018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26845"
},
{
"cve": "CVE-2024-26863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Fix uninit-value access in hsr_get_node()\n\nKMSAN reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246\n hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246\n fill_frame_info net/hsr/hsr_forward.c:577 [inline]\n hsr_forward_skb+0xe12/0x30e0 net/hsr/hsr_forward.c:615\n hsr_dev_xmit+0x1a1/0x270 net/hsr/hsr_device.c:223\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3087 [inline]\n packet_sendmsg+0x8b1d/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n packet_alloc_skb net/packet/af_packet.c:2936 [inline]\n packet_snd net/packet/af_packet.c:3030 [inline]\n packet_sendmsg+0x70e8/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 1 PID: 5033 Comm: syz-executor334 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\n=====================================================\n\nIf the packet type ID field in the Ethernet header is either ETH_P_PRP or\nETH_P_HSR, but it is not followed by an HSR tag, hsr_get_skb_sequence_nr()\nreads an invalid value as a sequence number. This causes the above issue.\n\nThis patch fixes the issue by returning NULL if the Ethernet header is not\nfollowed by an HSR tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26863",
"url": "https://www.suse.com/security/cve/CVE-2024-26863"
},
{
"category": "external",
"summary": "SUSE Bug 1223021 for CVE-2024-26863",
"url": "https://bugzilla.suse.com/1223021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26863"
},
{
"cve": "CVE-2024-26894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()\n\nAfter unregistering the CPU idle device, the memory associated with\nit is not freed, leading to a memory leak:\n\nunreferenced object 0xffff896282f6c000 (size 1024):\n comm \"swapper/0\", pid 1, jiffies 4294893170\n hex dump (first 32 bytes):\n 00 00 00 00 0b 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 8836a742):\n [\u003cffffffff993495ed\u003e] kmalloc_trace+0x29d/0x340\n [\u003cffffffff9972f3b3\u003e] acpi_processor_power_init+0xf3/0x1c0\n [\u003cffffffff9972d263\u003e] __acpi_processor_start+0xd3/0xf0\n [\u003cffffffff9972d2bc\u003e] acpi_processor_start+0x2c/0x50\n [\u003cffffffff99805872\u003e] really_probe+0xe2/0x480\n [\u003cffffffff99805c98\u003e] __driver_probe_device+0x78/0x160\n [\u003cffffffff99805daf\u003e] driver_probe_device+0x1f/0x90\n [\u003cffffffff9980601e\u003e] __driver_attach+0xce/0x1c0\n [\u003cffffffff99803170\u003e] bus_for_each_dev+0x70/0xc0\n [\u003cffffffff99804822\u003e] bus_add_driver+0x112/0x210\n [\u003cffffffff99807245\u003e] driver_register+0x55/0x100\n [\u003cffffffff9aee4acb\u003e] acpi_processor_driver_init+0x3b/0xc0\n [\u003cffffffff990012d1\u003e] do_one_initcall+0x41/0x300\n [\u003cffffffff9ae7c4b0\u003e] kernel_init_freeable+0x320/0x470\n [\u003cffffffff99b231f6\u003e] kernel_init+0x16/0x1b0\n [\u003cffffffff99042e6d\u003e] ret_from_fork+0x2d/0x50\n\nFix this by freeing the CPU idle device after unregistering it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26894",
"url": "https://www.suse.com/security/cve/CVE-2024-26894"
},
{
"category": "external",
"summary": "SUSE Bug 1223043 for CVE-2024-26894",
"url": "https://bugzilla.suse.com/1223043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26894"
},
{
"cve": "CVE-2024-26928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_debug_files_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26928",
"url": "https://www.suse.com/security/cve/CVE-2024-26928"
},
{
"category": "external",
"summary": "SUSE Bug 1223532 for CVE-2024-26928",
"url": "https://bugzilla.suse.com/1223532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26928"
},
{
"cve": "CVE-2024-26973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26973",
"url": "https://www.suse.com/security/cve/CVE-2024-26973"
},
{
"category": "external",
"summary": "SUSE Bug 1223641 for CVE-2024-26973",
"url": "https://bugzilla.suse.com/1223641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-27399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan-\u003econn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[ 472.074580] ==================================================================\n[ 472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[ 472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[ 472.075308]\n[ 472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.075308] Workqueue: events l2cap_chan_timeout\n[ 472.075308] Call Trace:\n[ 472.075308] \u003cTASK\u003e\n[ 472.075308] dump_stack_lvl+0x137/0x1a0\n[ 472.075308] print_report+0x101/0x250\n[ 472.075308] ? __virt_addr_valid+0x77/0x160\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_report+0x139/0x170\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_check_range+0x2c3/0x2e0\n[ 472.075308] mutex_lock+0x68/0xc0\n[ 472.075308] l2cap_chan_timeout+0x181/0x300\n[ 472.075308] process_one_work+0x5d2/0xe00\n[ 472.075308] worker_thread+0xe1d/0x1660\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] kthread+0x2b7/0x350\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork+0x4d/0x80\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork_asm+0x11/0x20\n[ 472.075308] \u003c/TASK\u003e\n[ 472.075308] ==================================================================\n[ 472.094860] Disabling lock debugging due to kernel taint\n[ 472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[ 472.096136] #PF: supervisor write access in kernel mode\n[ 472.096136] #PF: error_code(0x0002) - not-present page\n[ 472.096136] PGD 0 P4D 0\n[ 472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[ 472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G B 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.096136] Workqueue: events l2cap_chan_timeout\n[ 472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[ 472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[ 472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[ 472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[ 472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[ 472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[ 472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[ 472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[ 472.096136] FS: 0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[ 472.096136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[ 472.096136] Call Trace:\n[ 472.096136] \u003cTASK\u003e\n[ 472.096136] ? __die_body+0x8d/0xe0\n[ 472.096136] ? page_fault_oops+0x6b8/0x9a0\n[ 472.096136] ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[ 472.096136] ? do_user_addr_fault+0x1027/0x1340\n[ 472.096136] ? _printk+0x7a/0xa0\n[ 472.096136] ? mutex_lock+0x68/0xc0\n[ 472.096136] ? add_taint+0x42/0xd0\n[ 472.096136] ? exc_page_fault+0x6a/0x1b0\n[ 472.096136] ? asm_exc_page_fault+0x26/0x30\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] ? mutex_lock+0x88/0xc0\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] l2cap_chan_timeo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27399",
"url": "https://www.suse.com/security/cve/CVE-2024-27399"
},
{
"category": "external",
"summary": "SUSE Bug 1224177 for CVE-2024-27399",
"url": "https://bugzilla.suse.com/1224177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-27399"
},
{
"cve": "CVE-2024-27410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject iftype change with mesh ID change\n\nIt\u0027s currently possible to change the mesh ID when the\ninterface isn\u0027t yet in mesh mode, at the same time as\nchanging it into mesh mode. This leads to an overwrite\nof data in the wdev-\u003eu union for the interface type it\ncurrently has, causing cfg80211_change_iface() to do\nwrong things when switching.\n\nWe could probably allow setting an interface to mesh\nwhile setting the mesh ID at the same time by doing a\ndifferent order of operations here, but realistically\nthere\u0027s no userspace that\u0027s going to do this, so just\ndisallow changes in iftype when setting mesh ID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27410",
"url": "https://www.suse.com/security/cve/CVE-2024-27410"
},
{
"category": "external",
"summary": "SUSE Bug 1224432 for CVE-2024-27410",
"url": "https://bugzilla.suse.com/1224432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-27410"
},
{
"cve": "CVE-2024-35247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: region: add owner module and take its refcount\n\nThe current implementation of the fpga region assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the region\nduring programming if the parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_region\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering a region to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the region as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a region without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35247",
"url": "https://www.suse.com/security/cve/CVE-2024-35247"
},
{
"category": "external",
"summary": "SUSE Bug 1226948 for CVE-2024-35247",
"url": "https://bugzilla.suse.com/1226948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35247"
},
{
"cve": "CVE-2024-35807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix corruption during on-line resize\n\nWe observed a corruption during on-line resize of a file system that is\nlarger than 16 TiB with 4k block size. With having more then 2^32 blocks\nresize_inode is turned off by default by mke2fs. The issue can be\nreproduced on a smaller file system for convenience by explicitly\nturning off resize_inode. An on-line resize across an 8 GiB boundary (the\nsize of a meta block group in this setup) then leads to a corruption:\n\n dev=/dev/\u003csome_dev\u003e # should be \u003e= 16 GiB\n mkdir -p /corruption\n /sbin/mke2fs -t ext4 -b 4096 -O ^resize_inode $dev $((2 * 2**21 - 2**15))\n mount -t ext4 $dev /corruption\n\n dd if=/dev/zero bs=4096 of=/corruption/test count=$((2*2**21 - 4*2**15))\n sha1sum /corruption/test\n # 79d2658b39dcfd77274e435b0934028adafaab11 /corruption/test\n\n /sbin/resize2fs $dev $((2*2**21))\n # drop page cache to force reload the block from disk\n echo 1 \u003e /proc/sys/vm/drop_caches\n\n sha1sum /corruption/test\n # 3c2abc63cbf1a94c9e6977e0fbd72cd832c4d5c3 /corruption/test\n\n2^21 = 2^15*2^6 equals 8 GiB whereof 2^15 is the number of blocks per\nblock group and 2^6 are the number of block groups that make a meta\nblock group.\n\nThe last checksum might be different depending on how the file is laid\nout across the physical blocks. The actual corruption occurs at physical\nblock 63*2^15 = 2064384 which would be the location of the backup of the\nmeta block group\u0027s block descriptor. During the on-line resize the file\nsystem will be converted to meta_bg starting at s_first_meta_bg which is\n2 in the example - meaning all block groups after 16 GiB. However, in\next4_flex_group_add we might add block groups that are not part of the\nfirst meta block group yet. In the reproducer we achieved this by\nsubstracting the size of a whole block group from the point where the\nmeta block group would start. This must be considered when updating the\nbackup block group descriptors to follow the non-meta_bg layout. The fix\nis to add a test whether the group to add is already part of the meta\nblock group or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35807",
"url": "https://www.suse.com/security/cve/CVE-2024-35807"
},
{
"category": "external",
"summary": "SUSE Bug 1224735 for CVE-2024-35807",
"url": "https://bugzilla.suse.com/1224735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35807"
},
{
"cve": "CVE-2024-35822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: udc: remove warning when queue disabled ep\n\nIt is possible trigger below warning message from mass storage function,\n\nWARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104\npc : usb_ep_queue+0x7c/0x104\nlr : fsg_main_thread+0x494/0x1b3c\n\nRoot cause is mass storage function try to queue request from main thread,\nbut other thread may already disable ep when function disable.\n\nAs there is no function failure in the driver, in order to avoid effort\nto fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35822",
"url": "https://www.suse.com/security/cve/CVE-2024-35822"
},
{
"category": "external",
"summary": "SUSE Bug 1224739 for CVE-2024-35822",
"url": "https://bugzilla.suse.com/1224739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35822"
},
{
"cve": "CVE-2024-35835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a double-free in arfs_create_groups\n\nWhen `in` allocated by kvzalloc fails, arfs_create_groups will free\nft-\u003eg and return an error. However, arfs_create_table, the only caller of\narfs_create_groups, will hold this error and call to\nmlx5e_destroy_flow_table, in which the ft-\u003eg will be freed again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35835",
"url": "https://www.suse.com/security/cve/CVE-2024-35835"
},
{
"category": "external",
"summary": "SUSE Bug 1224605 for CVE-2024-35835",
"url": "https://bugzilla.suse.com/1224605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35835"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35865",
"url": "https://www.suse.com/security/cve/CVE-2024-35865"
},
{
"category": "external",
"summary": "SUSE Bug 1224668 for CVE-2024-35865",
"url": "https://bugzilla.suse.com/1224668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35865"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_write()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35868",
"url": "https://www.suse.com/security/cve/CVE-2024-35868"
},
{
"category": "external",
"summary": "SUSE Bug 1224678 for CVE-2024-35868",
"url": "https://bugzilla.suse.com/1224678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35868"
},
{
"cve": "CVE-2024-35870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in smb2_reconnect_server()\n\nThe UAF bug is due to smb2_reconnect_server() accessing a session that\nis already being teared down by another thread that is executing\n__cifs_put_smb_ses(). This can happen when (a) the client has\nconnection to the server but no session or (b) another thread ends up\nsetting @ses-\u003eses_status again to something different than\nSES_EXITING.\n\nTo fix this, we need to make sure to unconditionally set\n@ses-\u003eses_status to SES_EXITING and prevent any other threads from\nsetting a new status while we\u0027re still tearing it down.\n\nThe following can be reproduced by adding some delay to right after\nthe ipc is freed in __cifs_put_smb_ses() - which will give\nsmb2_reconnect_server() worker a chance to run and then accessing\n@ses-\u003eipc:\n\nkinit ...\nmount.cifs //srv/share /mnt/1 -o sec=krb5,nohandlecache,echo_interval=10\n[disconnect srv]\nls /mnt/1 \u0026\u003e/dev/null\nsleep 30\nkdestroy\n[reconnect srv]\nsleep 10\numount /mnt/1\n...\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\ngeneral protection fault, probably for non-canonical address\n0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\nWorkqueue: cifsiod smb2_reconnect_server [cifs]\nRIP: 0010:__list_del_entry_valid_or_report+0x33/0xf0\nCode: 4f 08 48 85 d2 74 42 48 85 c9 74 59 48 b8 00 01 00 00 00 00 ad\nde 48 39 c2 74 61 48 b8 22 01 00 00 00 00 74 69 \u003c48\u003e 8b 01 48 39 f8 75\n7b 48 8b 72 08 48 39 c6 0f 85 88 00 00 00 b8\nRSP: 0018:ffffc900001bfd70 EFLAGS: 00010a83\nRAX: dead000000000122 RBX: ffff88810da53838 RCX: 6b6b6b6b6b6b6b6b\nRDX: 6b6b6b6b6b6b6b6b RSI: ffffffffc02f6878 RDI: ffff88810da53800\nRBP: ffff88810da53800 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff88810c064000\nR13: 0000000000000001 R14: ffff88810c064000 R15: ffff8881039cc000\nFS: 0000000000000000(0000) GS:ffff888157c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe3728b1000 CR3: 000000010caa4000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x36/0x90\n ? exc_general_protection+0x1c1/0x3f0\n ? asm_exc_general_protection+0x26/0x30\n ? __list_del_entry_valid_or_report+0x33/0xf0\n __cifs_put_smb_ses+0x1ae/0x500 [cifs]\n smb2_reconnect_server+0x4ed/0x710 [cifs]\n process_one_work+0x205/0x6b0\n worker_thread+0x191/0x360\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe2/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35870",
"url": "https://www.suse.com/security/cve/CVE-2024-35870"
},
{
"category": "external",
"summary": "SUSE Bug 1224672 for CVE-2024-35870",
"url": "https://bugzilla.suse.com/1224672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35870"
},
{
"cve": "CVE-2024-35886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix infinite recursion in fib6_dump_done().\n\nsyzkaller reported infinite recursive calls of fib6_dump_done() during\nnetlink socket destruction. [1]\n\nFrom the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then\nthe response was generated. The following recvmmsg() resumed the dump\nfor IPv6, but the first call of inet6_dump_fib() failed at kzalloc() due\nto the fault injection. [0]\n\n 12:01:34 executing program 3:\n r0 = socket$nl_route(0x10, 0x3, 0x0)\n sendmsg$nl_route(r0, ... snip ...)\n recvmmsg(r0, ... snip ...) (fail_nth: 8)\n\nHere, fib6_dump_done() was set to nlk_sk(sk)-\u003ecb.done, and the next call\nof inet6_dump_fib() set it to nlk_sk(sk)-\u003ecb.args[3]. syzkaller stopped\nreceiving the response halfway through, and finally netlink_sock_destruct()\ncalled nlk_sk(sk)-\u003ecb.done().\n\nfib6_dump_done() calls fib6_dump_end() and nlk_sk(sk)-\u003ecb.done() if it\nis still not NULL. fib6_dump_end() rewrites nlk_sk(sk)-\u003ecb.done() by\nnlk_sk(sk)-\u003ecb.args[3], but it has the same function, not NULL, calling\nitself recursively and hitting the stack guard page.\n\nTo avoid the issue, let\u0027s set the destructor after kzalloc().\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 PID: 432110 Comm: syz-executor.3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:117)\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\n should_failslab (mm/slub.c:3733)\n kmalloc_trace (mm/slub.c:3748 mm/slub.c:3827 mm/slub.c:3992)\n inet6_dump_fib (./include/linux/slab.h:628 ./include/linux/slab.h:749 net/ipv6/ip6_fib.c:662)\n rtnl_dump_all (net/core/rtnetlink.c:4029)\n netlink_dump (net/netlink/af_netlink.c:2269)\n netlink_recvmsg (net/netlink/af_netlink.c:1988)\n ____sys_recvmsg (net/socket.c:1046 net/socket.c:2801)\n ___sys_recvmsg (net/socket.c:2846)\n do_recvmmsg (net/socket.c:2943)\n __x64_sys_recvmmsg (net/socket.c:3041 net/socket.c:3034 net/socket.c:3034)\n\n[1]:\nBUG: TASK stack guard page was hit at 00000000f2fa9af1 (stack is 00000000b7912430..000000009a436beb)\nstack guard page: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 223719 Comm: kworker/1:3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: events netlink_sock_destruct_work\nRIP: 0010:fib6_dump_done (net/ipv6/ip6_fib.c:570)\nCode: 3c 24 e8 f3 e9 51 fd e9 28 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 41 57 41 56 41 55 41 54 55 48 89 fd \u003c53\u003e 48 8d 5d 60 e8 b6 4d 07 fd 48 89 da 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d980000 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffffffff84405990 RCX: ffffffff844059d3\nRDX: ffff8881028e0000 RSI: ffffffff84405ac2 RDI: ffff88810c02f358\nRBP: ffff88810c02f358 R08: 0000000000000007 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000224 R12: 0000000000000000\nR13: ffff888007c82c78 R14: ffff888007c82c68 R15: ffff888007c82c68\nFS: 0000000000000000(0000) GS:ffff88811b100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d97fff8 CR3: 0000000102309002 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003c#DF\u003e\n \u003c/#DF\u003e\n \u003cTASK\u003e\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n ...\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n netlink_sock_destruct (net/netlink/af_netlink.c:401)\n __sk_destruct (net/core/sock.c:2177 (discriminator 2))\n sk_destruct (net/core/sock.c:2224)\n __sk_free (net/core/sock.c:2235)\n sk_free (net/core/sock.c:2246)\n process_one_work (kernel/workqueue.c:3259)\n worker_thread (kernel/workqueue.c:3329 kernel/workqueue.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35886",
"url": "https://www.suse.com/security/cve/CVE-2024-35886"
},
{
"category": "external",
"summary": "SUSE Bug 1224670 for CVE-2024-35886",
"url": "https://bugzilla.suse.com/1224670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35886"
},
{
"cve": "CVE-2024-35896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003c/TASK\u003e\n\nAllocated by task 7238:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:4069 [inline]\n __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n kmalloc_noprof include/linux/slab.h:664 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35896",
"url": "https://www.suse.com/security/cve/CVE-2024-35896"
},
{
"category": "external",
"summary": "SUSE Bug 1224662 for CVE-2024-35896",
"url": "https://bugzilla.suse.com/1224662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35896"
},
{
"cve": "CVE-2024-35922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmon: prevent division by zero in fb_videomode_from_videomode()\n\nThe expression htotal * vtotal can have a zero value on\noverflow. It is necessary to prevent division by zero like in\nfb_var_to_videomode().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35922",
"url": "https://www.suse.com/security/cve/CVE-2024-35922"
},
{
"category": "external",
"summary": "SUSE Bug 1224660 for CVE-2024-35922",
"url": "https://bugzilla.suse.com/1224660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35922"
},
{
"cve": "CVE-2024-35925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst-\u003enr_samples + src-\u003enr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35925",
"url": "https://www.suse.com/security/cve/CVE-2024-35925"
},
{
"category": "external",
"summary": "SUSE Bug 1224661 for CVE-2024-35925",
"url": "https://bugzilla.suse.com/1224661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35925"
},
{
"cve": "CVE-2024-35930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()\n\nThe call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an\nunsuccessful status. In such cases, the elsiocb is not issued, the\ncompletion is not called, and thus the elsiocb resource is leaked.\n\nCheck return value after calling lpfc_sli4_resume_rpi() and conditionally\nrelease the elsiocb resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35930",
"url": "https://www.suse.com/security/cve/CVE-2024-35930"
},
{
"category": "external",
"summary": "SUSE Bug 1224651 for CVE-2024-35930",
"url": "https://bugzilla.suse.com/1224651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35930"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume\u0027s fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root\u0027s PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35956",
"url": "https://www.suse.com/security/cve/CVE-2024-35956"
},
{
"category": "external",
"summary": "SUSE Bug 1224674 for CVE-2024-35956",
"url": "https://bugzilla.suse.com/1224674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35956"
},
{
"cve": "CVE-2024-35958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn\u0027t been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren\u0027t freed correctly, leading to crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35958",
"url": "https://www.suse.com/security/cve/CVE-2024-35958"
},
{
"category": "external",
"summary": "SUSE Bug 1224677 for CVE-2024-35958",
"url": "https://bugzilla.suse.com/1224677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node-\u003eparent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35960",
"url": "https://www.suse.com/security/cve/CVE-2024-35960"
},
{
"category": "external",
"summary": "SUSE Bug 1224588 for CVE-2024-35960",
"url": "https://bugzilla.suse.com/1224588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: complete validation of user input\n\nIn my recent commit, I missed that do_replace() handlers\nuse copy_from_sockptr() (which I fixed), followed\nby unsafe copy_from_sockptr_offset() calls.\n\nIn all functions, we can perform the @optlen validation\nbefore even calling xt_alloc_table_info() with the following\ncheck:\n\nif ((u64)optlen \u003c (u64)tmp.size + sizeof(tmp))\n return -EINVAL;",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35962",
"url": "https://www.suse.com/security/cve/CVE-2024-35962"
},
{
"category": "external",
"summary": "SUSE Bug 1224583 for CVE-2024-35962",
"url": "https://bugzilla.suse.com/1224583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35976"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING\n\nsyzbot reported an illegal copy in xsk_setsockopt() [1]\n\nMake sure to validate setsockopt() @optlen parameter.\n\n[1]\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420\nRead of size 4 at addr ffff888028c6cde3 by task syz-executor.0/7549\n\nCPU: 0 PID: 7549 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7fb40587de69\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fb40665a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fb4059abf80 RCX: 00007fb40587de69\nRDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000006\nRBP: 00007fb4058ca47a R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020001980 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fb4059abf80 R15: 00007fff57ee4d08\n \u003c/TASK\u003e\n\nAllocated by task 7549:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3966 [inline]\n __kmalloc+0x233/0x4a0 mm/slub.c:3979\n kmalloc include/linux/slab.h:632 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd2f/0x1040 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nThe buggy address belongs to the object at ffff888028c6cde0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 1 bytes to the right of\n allocated 2-byte region [ffff888028c6cde0, ffff888028c6cde2)\n\nThe buggy address belongs to the physical page:\npage:ffffea0000a31b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888028c6c9c0 pfn:0x28c6c\nanon flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xffffffff()\nraw: 00fff00000000800 ffff888014c41280 0000000000000000 dead000000000001\nraw: ffff888028c6c9c0 0000000080800057 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 6648, tgid 6644 (syz-executor.0), ts 133906047828, free_ts 133859922223\n set_page_owner include/linux/page_owner.h:31 [inline]\n post_alloc_hook+0x1ea/0x210 mm/page_alloc.c:1533\n prep_new_page mm/page_alloc.c:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35976",
"url": "https://www.suse.com/security/cve/CVE-2024-35976"
},
{
"category": "external",
"summary": "SUSE Bug 1224575 for CVE-2024-35976",
"url": "https://bugzilla.suse.com/1224575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35976"
},
{
"cve": "CVE-2024-35979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid1: fix use-after-free for original bio in raid1_write_request()\n\nr1_bio-\u003ebios[] is used to record new bios that will be issued to\nunderlying disks, however, in raid1_write_request(), r1_bio-\u003ebios[]\nwill set to the original bio temporarily. Meanwhile, if blocked rdev\nis set, free_r1bio() will be called causing that all r1_bio-\u003ebios[]\nto be freed:\n\nraid1_write_request()\n r1_bio = alloc_r1bio(mddev, bio); -\u003e r1_bio-\u003ebios[] is NULL\n for (i = 0; i \u003c disks; i++) -\u003e for each rdev in conf\n // first rdev is normal\n r1_bio-\u003ebios[0] = bio; -\u003e set to original bio\n // second rdev is blocked\n if (test_bit(Blocked, \u0026rdev-\u003eflags))\n break\n\n if (blocked_rdev)\n free_r1bio()\n put_all_bios()\n bio_put(r1_bio-\u003ebios[0]) -\u003e original bio is freed\n\nTest scripts:\n\nmdadm -CR /dev/md0 -l1 -n4 /dev/sd[abcd] --assume-clean\nfio -filename=/dev/md0 -ioengine=libaio -rw=write -bs=4k -numjobs=1 \\\n -iodepth=128 -name=test -direct=1\necho blocked \u003e /sys/block/md0/md/rd2/state\n\nTest result:\n\nBUG bio-264 (Not tainted): Object already free\n-----------------------------------------------------------------------------\n\nAllocated in mempool_alloc_slab+0x24/0x50 age=1 cpu=1 pid=869\n kmem_cache_alloc+0x324/0x480\n mempool_alloc_slab+0x24/0x50\n mempool_alloc+0x6e/0x220\n bio_alloc_bioset+0x1af/0x4d0\n blkdev_direct_IO+0x164/0x8a0\n blkdev_write_iter+0x309/0x440\n aio_write+0x139/0x2f0\n io_submit_one+0x5ca/0xb70\n __do_sys_io_submit+0x86/0x270\n __x64_sys_io_submit+0x22/0x30\n do_syscall_64+0xb1/0x210\n entry_SYSCALL_64_after_hwframe+0x6c/0x74\nFreed in mempool_free_slab+0x1f/0x30 age=1 cpu=1 pid=869\n kmem_cache_free+0x28c/0x550\n mempool_free_slab+0x1f/0x30\n mempool_free+0x40/0x100\n bio_free+0x59/0x80\n bio_put+0xf0/0x220\n free_r1bio+0x74/0xb0\n raid1_make_request+0xadf/0x1150\n md_handle_request+0xc7/0x3b0\n md_submit_bio+0x76/0x130\n __submit_bio+0xd8/0x1d0\n submit_bio_noacct_nocheck+0x1eb/0x5c0\n submit_bio_noacct+0x169/0xd40\n submit_bio+0xee/0x1d0\n blkdev_direct_IO+0x322/0x8a0\n blkdev_write_iter+0x309/0x440\n aio_write+0x139/0x2f0\n\nSince that bios for underlying disks are not allocated yet, fix this\nproblem by using mempool_free() directly to free the r1_bio.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35979",
"url": "https://www.suse.com/security/cve/CVE-2024-35979"
},
{
"category": "external",
"summary": "SUSE Bug 1224572 for CVE-2024-35979",
"url": "https://bugzilla.suse.com/1224572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35979"
},
{
"cve": "CVE-2024-35997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35997",
"url": "https://www.suse.com/security/cve/CVE-2024-35997"
},
{
"category": "external",
"summary": "SUSE Bug 1224552 for CVE-2024-35997",
"url": "https://bugzilla.suse.com/1224552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-35998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix lock ordering potential deadlock in cifs_sync_mid_result\n\nCoverity spotted that the cifs_sync_mid_result function could deadlock\n\n\"Thread deadlock (ORDER_REVERSAL) lock_order: Calling spin_lock acquires\nlock TCP_Server_Info.srv_lock while holding lock TCP_Server_Info.mid_lock\"\n\nAddresses-Coverity: 1590401 (\"Thread deadlock (ORDER_REVERSAL)\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35998",
"url": "https://www.suse.com/security/cve/CVE-2024-35998"
},
{
"category": "external",
"summary": "SUSE Bug 1224549 for CVE-2024-35998",
"url": "https://bugzilla.suse.com/1224549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-35998"
},
{
"cve": "CVE-2024-36016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n\nAssuming the following:\n- side A configures the n_gsm in basic option mode\n- side B sends the header of a basic option mode frame with data length 1\n- side A switches to advanced option mode\n- side B sends 2 data bytes which exceeds gsm-\u003elen\n Reason: gsm-\u003elen is not used in advanced option mode.\n- side A switches to basic option mode\n- side B keeps sending until gsm0_receive() writes past gsm-\u003ebuf\n Reason: Neither gsm-\u003estate nor gsm-\u003elen have been reset after\n reconfiguration.\n\nFix this by changing gsm-\u003ecount to gsm-\u003elen comparison from equal to less\nthan. Also add upper limit checks against the constant MAX_MRU in\ngsm0_receive() and gsm1_receive() to harden against memory corruption of\ngsm-\u003elen and gsm-\u003emru.\n\nAll other checks remain as we still need to limit the data according to the\nuser configuration and actual payload size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36016",
"url": "https://www.suse.com/security/cve/CVE-2024-36016"
},
{
"category": "external",
"summary": "SUSE Bug 1225642 for CVE-2024-36016",
"url": "https://bugzilla.suse.com/1225642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36016"
},
{
"cve": "CVE-2024-36017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36017",
"url": "https://www.suse.com/security/cve/CVE-2024-36017"
},
{
"category": "external",
"summary": "SUSE Bug 1225681 for CVE-2024-36017",
"url": "https://bugzilla.suse.com/1225681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36017"
},
{
"cve": "CVE-2024-36025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix off by one in qla_edif_app_getstats()\n\nThe app_reply-\u003eelem[] array is allocated earlier in this function and it\nhas app_req.num_ports elements. Thus this \u003e comparison needs to be \u003e= to\nprevent memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36025",
"url": "https://www.suse.com/security/cve/CVE-2024-36025"
},
{
"category": "external",
"summary": "SUSE Bug 1225704 for CVE-2024-36025",
"url": "https://bugzilla.suse.com/1225704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36025"
},
{
"cve": "CVE-2024-36479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: bridge: add owner module and take its refcount\n\nThe current implementation of the fpga bridge assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the bridge if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_bridge\nstruct and use it to take the module\u0027s refcount. Modify the function for\nregistering a bridge to take an additional owner module parameter and\nrename it to avoid conflicts. Use the old function name for a helper macro\nthat automatically sets the module that registers the bridge as the owner.\nThis ensures compatibility with existing low-level control modules and\nreduces the chances of registering a bridge without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga bridge.\n\nOther changes: opportunistically move put_device() from __fpga_bridge_get()\nto fpga_bridge_get() and of_fpga_bridge_get() to improve code clarity since\nthe bridge device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36479",
"url": "https://www.suse.com/security/cve/CVE-2024-36479"
},
{
"category": "external",
"summary": "SUSE Bug 1226949 for CVE-2024-36479",
"url": "https://bugzilla.suse.com/1226949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36479"
},
{
"cve": "CVE-2024-36592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36592"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36592",
"url": "https://www.suse.com/security/cve/CVE-2024-36592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-36592"
},
{
"cve": "CVE-2024-36880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: add missing firmware sanity checks\n\nAdd the missing sanity checks when parsing the firmware files before\ndownloading them to avoid accessing and corrupting memory beyond the\nvmalloced buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36880",
"url": "https://www.suse.com/security/cve/CVE-2024-36880"
},
{
"category": "external",
"summary": "SUSE Bug 1225722 for CVE-2024-36880",
"url": "https://bugzilla.suse.com/1225722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36880"
},
{
"cve": "CVE-2024-36894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete\n\nFFS based applications can utilize the aio_cancel() callback to dequeue\npending USB requests submitted to the UDC. There is a scenario where the\nFFS application issues an AIO cancel call, while the UDC is handling a\nsoft disconnect. For a DWC3 based implementation, the callstack looks\nlike the following:\n\n DWC3 Gadget FFS Application\ndwc3_gadget_soft_disconnect() ...\n --\u003e dwc3_stop_active_transfers()\n --\u003e dwc3_gadget_giveback(-ESHUTDOWN)\n --\u003e ffs_epfile_async_io_complete() ffs_aio_cancel()\n --\u003e usb_ep_free_request() --\u003e usb_ep_dequeue()\n\nThere is currently no locking implemented between the AIO completion\nhandler and AIO cancel, so the issue occurs if the completion routine is\nrunning in parallel to an AIO cancel call coming from the FFS application.\nAs the completion call frees the USB request (io_data-\u003ereq) the FFS\napplication is also referencing it for the usb_ep_dequeue() call. This can\nlead to accessing a stale/hanging pointer.\n\ncommit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus consistently\")\nrelocated the usb_ep_free_request() into ffs_epfile_async_io_complete().\nHowever, in order to properly implement locking to mitigate this issue, the\nspinlock can\u0027t be added to ffs_epfile_async_io_complete(), as\nusb_ep_dequeue() (if successfully dequeuing a USB request) will call the\nfunction driver\u0027s completion handler in the same context. Hence, leading\ninto a deadlock.\n\nFix this issue by moving the usb_ep_free_request() back to\nffs_user_copy_worker(), and ensuring that it explicitly sets io_data-\u003ereq\nto NULL after freeing it within the ffs-\u003eeps_lock. This resolves the race\ncondition above, as the ffs_aio_cancel() routine will not continue\nattempting to dequeue a request that has already been freed, or the\nffs_user_copy_work() not freeing the USB request until the AIO cancel is\ndone referencing it.\n\nThis fix depends on\n commit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus\n consistently\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36894",
"url": "https://www.suse.com/security/cve/CVE-2024-36894"
},
{
"category": "external",
"summary": "SUSE Bug 1225749 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "external",
"summary": "SUSE Bug 1226139 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1226139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: fix nfc_llcp_setsockopt() unsafe copies\n\nsyzbot reported unsafe calls to copy_from_sockptr() [1]\n\nUse copy_safe_from_sockptr() instead.\n\n[1]\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\nRead of size 4 at addr ffff88801caa1ec3 by task syz-executor459/5078\n\nCPU: 0 PID: 5078 Comm: syz-executor459 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\n do_sock_setsockopt+0x3b1/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfd/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7f7fac07fd89\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff660eb788 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f7fac07fd89\nRDX: 0000000000000000 RSI: 0000000000000118 RDI: 0000000000000004\nRBP: 0000000000000000 R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020000a80 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36915",
"url": "https://www.suse.com/security/cve/CVE-2024-36915"
},
{
"category": "external",
"summary": "SUSE Bug 1225758 for CVE-2024-36915",
"url": "https://bugzilla.suse.com/1225758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36915"
},
{
"cve": "CVE-2024-36917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of \u0027start + len\u0027 in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36917",
"url": "https://www.suse.com/security/cve/CVE-2024-36917"
},
{
"category": "external",
"summary": "SUSE Bug 1225770 for CVE-2024-36917",
"url": "https://bugzilla.suse.com/1225770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36917"
},
{
"cve": "CVE-2024-36919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload\n\nThe session resources are used by FW and driver when session is offloaded,\nonce session is uploaded these resources are not used. The lock is not\nrequired as these fields won\u0027t be used any longer. The offload and upload\ncalls are sequential, hence lock is not required.\n\nThis will suppress following BUG_ON():\n\n[ 449.843143] ------------[ cut here ]------------\n[ 449.848302] kernel BUG at mm/vmalloc.c:2727!\n[ 449.853072] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 449.858712] CPU: 5 PID: 1996 Comm: kworker/u24:2 Not tainted 5.14.0-118.el9.x86_64 #1\nRebooting.\n[ 449.867454] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.3.4 11/08/2016\n[ 449.876966] Workqueue: fc_rport_eq fc_rport_work [libfc]\n[ 449.882910] RIP: 0010:vunmap+0x2e/0x30\n[ 449.887098] Code: 00 65 8b 05 14 a2 f0 4a a9 00 ff ff 00 75 1b 55 48 89 fd e8 34 36 79 00 48 85 ed 74 0b 48 89 ef 31 f6 5d e9 14 fc ff ff 5d c3 \u003c0f\u003e 0b 0f 1f 44 00 00 41 57 41 56 49 89 ce 41 55 49 89 fd 41 54 41\n[ 449.908054] RSP: 0018:ffffb83d878b3d68 EFLAGS: 00010206\n[ 449.913887] RAX: 0000000080000201 RBX: ffff8f4355133550 RCX: 000000000d400005\n[ 449.921843] RDX: 0000000000000001 RSI: 0000000000001000 RDI: ffffb83da53f5000\n[ 449.929808] RBP: ffff8f4ac6675800 R08: ffffb83d878b3d30 R09: 00000000000efbdf\n[ 449.937774] R10: 0000000000000003 R11: ffff8f434573e000 R12: 0000000000001000\n[ 449.945736] R13: 0000000000001000 R14: ffffb83da53f5000 R15: ffff8f43d4ea3ae0\n[ 449.953701] FS: 0000000000000000(0000) GS:ffff8f529fc80000(0000) knlGS:0000000000000000\n[ 449.962732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 449.969138] CR2: 00007f8cf993e150 CR3: 0000000efbe10003 CR4: 00000000003706e0\n[ 449.977102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 449.985065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 449.993028] Call Trace:\n[ 449.995756] __iommu_dma_free+0x96/0x100\n[ 450.000139] bnx2fc_free_session_resc+0x67/0x240 [bnx2fc]\n[ 450.006171] bnx2fc_upload_session+0xce/0x100 [bnx2fc]\n[ 450.011910] bnx2fc_rport_event_handler+0x9f/0x240 [bnx2fc]\n[ 450.018136] fc_rport_work+0x103/0x5b0 [libfc]\n[ 450.023103] process_one_work+0x1e8/0x3c0\n[ 450.027581] worker_thread+0x50/0x3b0\n[ 450.031669] ? rescuer_thread+0x370/0x370\n[ 450.036143] kthread+0x149/0x170\n[ 450.039744] ? set_kthread_struct+0x40/0x40\n[ 450.044411] ret_from_fork+0x22/0x30\n[ 450.048404] Modules linked in: vfat msdos fat xfs nfs_layout_nfsv41_files rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver dm_service_time qedf qed crc8 bnx2fc libfcoe libfc scsi_transport_fc intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp dcdbas rapl intel_cstate intel_uncore mei_me pcspkr mei ipmi_ssif lpc_ich ipmi_si fuse zram ext4 mbcache jbd2 loop nfsv3 nfs_acl nfs lockd grace fscache netfs irdma ice sd_mod t10_pi sg ib_uverbs ib_core 8021q garp mrp stp llc mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt mxm_wmi fb_sys_fops cec crct10dif_pclmul ahci crc32_pclmul bnx2x drm ghash_clmulni_intel libahci rfkill i40e libata megaraid_sas mdio wmi sunrpc lrw dm_crypt dm_round_robin dm_multipath dm_snapshot dm_bufio dm_mirror dm_region_hash dm_log dm_zero dm_mod linear raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx raid6_pq libcrc32c crc32c_intel raid1 raid0 iscsi_ibft squashfs be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls\n[ 450.048497] libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi edd ipmi_devintf ipmi_msghandler\n[ 450.159753] ---[ end trace 712de2c57c64abc8 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36919",
"url": "https://www.suse.com/security/cve/CVE-2024-36919"
},
{
"category": "external",
"summary": "SUSE Bug 1225767 for CVE-2024-36919",
"url": "https://bugzilla.suse.com/1225767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36919"
},
{
"cve": "CVE-2024-36923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix uninitialized values during inode evict\n\nIf an iget fails due to not being able to retrieve information\nfrom the server then the inode structure is only partially\ninitialized. When the inode gets evicted, references to\nuninitialized structures (like fscache cookies) were being\nmade.\n\nThis patch checks for a bad_inode before doing anything other\nthan clearing the inode from the cache. Since the inode is\nbad, it shouldn\u0027t have any state associated with it that needs\nto be written back (and there really isn\u0027t a way to complete\nthose anyways).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36923",
"url": "https://www.suse.com/security/cve/CVE-2024-36923"
},
{
"category": "external",
"summary": "SUSE Bug 1225815 for CVE-2024-36923",
"url": "https://bugzilla.suse.com/1225815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36923"
},
{
"cve": "CVE-2024-36934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36934",
"url": "https://www.suse.com/security/cve/CVE-2024-36934"
},
{
"category": "external",
"summary": "SUSE Bug 1225760 for CVE-2024-36934",
"url": "https://bugzilla.suse.com/1225760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36934"
},
{
"cve": "CVE-2024-36938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue\n\nFix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which\nsyzbot reported [1].\n\n[1]\nBUG: KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue\n\nwrite to 0xffff88814b3278b8 of 8 bytes by task 10724 on cpu 1:\n sk_psock_stop_verdict net/core/skmsg.c:1257 [inline]\n sk_psock_drop+0x13e/0x1f0 net/core/skmsg.c:843\n sk_psock_put include/linux/skmsg.h:459 [inline]\n sock_map_close+0x1a7/0x260 net/core/sock_map.c:1648\n unix_release+0x4b/0x80 net/unix/af_unix.c:1048\n __sock_release net/socket.c:659 [inline]\n sock_close+0x68/0x150 net/socket.c:1421\n __fput+0x2c1/0x660 fs/file_table.c:422\n __fput_sync+0x44/0x60 fs/file_table.c:507\n __do_sys_close fs/open.c:1556 [inline]\n __se_sys_close+0x101/0x1b0 fs/open.c:1541\n __x64_sys_close+0x1f/0x30 fs/open.c:1541\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff88814b3278b8 of 8 bytes by task 10713 on cpu 0:\n sk_psock_data_ready include/linux/skmsg.h:464 [inline]\n sk_psock_skb_ingress_enqueue+0x32d/0x390 net/core/skmsg.c:555\n sk_psock_skb_ingress_self+0x185/0x1e0 net/core/skmsg.c:606\n sk_psock_verdict_apply net/core/skmsg.c:1008 [inline]\n sk_psock_verdict_recv+0x3e4/0x4a0 net/core/skmsg.c:1202\n unix_read_skb net/unix/af_unix.c:2546 [inline]\n unix_stream_read_skb+0x9e/0xf0 net/unix/af_unix.c:2682\n sk_psock_verdict_data_ready+0x77/0x220 net/core/skmsg.c:1223\n unix_stream_sendmsg+0x527/0x860 net/unix/af_unix.c:2339\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x140/0x180 net/socket.c:745\n ____sys_sendmsg+0x312/0x410 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x1e9/0x280 net/socket.c:2667\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x46/0x50 net/socket.c:2674\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nvalue changed: 0xffffffff83d7feb0 -\u003e 0x0000000000000000\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 10713 Comm: syz-executor.4 Tainted: G W 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\n\nPrior to this, commit 4cd12c6065df (\"bpf, sockmap: Fix NULL pointer\ndereference in sk_psock_verdict_data_ready()\") fixed one NULL pointer\nsimilarly due to no protection of saved_data_ready. Here is another\ndifferent caller causing the same issue because of the same reason. So\nwe should protect it with sk_callback_lock read lock because the writer\nside in the sk_psock_drop() uses \"write_lock_bh(\u0026sk-\u003esk_callback_lock);\".\n\nTo avoid errors that could happen in future, I move those two pairs of\nlock into the sk_psock_data_ready(), which is suggested by John Fastabend.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36938",
"url": "https://www.suse.com/security/cve/CVE-2024-36938"
},
{
"category": "external",
"summary": "SUSE Bug 1225761 for CVE-2024-36938",
"url": "https://bugzilla.suse.com/1225761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36938"
},
{
"cve": "CVE-2024-36940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36940",
"url": "https://www.suse.com/security/cve/CVE-2024-36940"
},
{
"category": "external",
"summary": "SUSE Bug 1225840 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "external",
"summary": "SUSE Bug 1225841 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36949",
"url": "https://www.suse.com/security/cve/CVE-2024-36949"
},
{
"category": "external",
"summary": "SUSE Bug 1225894 for CVE-2024-36949",
"url": "https://bugzilla.suse.com/1225894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36949"
},
{
"cve": "CVE-2024-36950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can\u0027t clear the bus\nreset event flag in irq_handler, because we won\u0027t service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won\u0027t be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36950",
"url": "https://www.suse.com/security/cve/CVE-2024-36950"
},
{
"category": "external",
"summary": "SUSE Bug 1225895 for CVE-2024-36950",
"url": "https://bugzilla.suse.com/1225895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36950"
},
{
"cve": "CVE-2024-36960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat\u0027s actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36960",
"url": "https://www.suse.com/security/cve/CVE-2024-36960"
},
{
"category": "external",
"summary": "SUSE Bug 1225872 for CVE-2024-36960",
"url": "https://bugzilla.suse.com/1225872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-36960"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-37021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: manager: add owner module and take its refcount\n\nThe current implementation of the fpga manager assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the manager if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_manager\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering the manager to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the manager as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a manager without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga manager.\n\nOther changes: opportunistically move put_device() from __fpga_mgr_get() to\nfpga_mgr_get() and of_fpga_mgr_get() to improve code clarity since the\nmanager device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37021",
"url": "https://www.suse.com/security/cve/CVE-2024-37021"
},
{
"category": "external",
"summary": "SUSE Bug 1226950 for CVE-2024-37021",
"url": "https://bugzilla.suse.com/1226950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-37021"
},
{
"cve": "CVE-2024-37354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix crash on racing fsync and size-extending write into prealloc\n\nWe have been seeing crashes on duplicate keys in\nbtrfs_set_item_key_safe():\n\n BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192)\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/ctree.c:2620!\n invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 PID: 3139 Comm: xfs_io Kdump: loaded Not tainted 6.9.0 #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:btrfs_set_item_key_safe+0x11f/0x290 [btrfs]\n\nWith the following stack trace:\n\n #0 btrfs_set_item_key_safe (fs/btrfs/ctree.c:2620:4)\n #1 btrfs_drop_extents (fs/btrfs/file.c:411:4)\n #2 log_one_extent (fs/btrfs/tree-log.c:4732:9)\n #3 btrfs_log_changed_extents (fs/btrfs/tree-log.c:4955:9)\n #4 btrfs_log_inode (fs/btrfs/tree-log.c:6626:9)\n #5 btrfs_log_inode_parent (fs/btrfs/tree-log.c:7070:8)\n #6 btrfs_log_dentry_safe (fs/btrfs/tree-log.c:7171:8)\n #7 btrfs_sync_file (fs/btrfs/file.c:1933:8)\n #8 vfs_fsync_range (fs/sync.c:188:9)\n #9 vfs_fsync (fs/sync.c:202:9)\n #10 do_fsync (fs/sync.c:212:9)\n #11 __do_sys_fdatasync (fs/sync.c:225:9)\n #12 __se_sys_fdatasync (fs/sync.c:223:1)\n #13 __x64_sys_fdatasync (fs/sync.c:223:1)\n #14 do_syscall_x64 (arch/x86/entry/common.c:52:14)\n #15 do_syscall_64 (arch/x86/entry/common.c:83:7)\n #16 entry_SYSCALL_64+0xaf/0x14c (arch/x86/entry/entry_64.S:121)\n\nSo we\u0027re logging a changed extent from fsync, which is splitting an\nextent in the log tree. But this split part already exists in the tree,\ntriggering the BUG().\n\nThis is the state of the log tree at the time of the crash, dumped with\ndrgn (https://github.com/osandov/drgn/blob/main/contrib/btrfs_tree.py)\nto get more details than btrfs_print_leaf() gives us:\n\n \u003e\u003e\u003e print_extent_buffer(prog.crashed_thread().stack_trace()[0][\"eb\"])\n leaf 33439744 level 0 items 72 generation 9 owner 18446744073709551610\n leaf 33439744 flags 0x100000000000000\n fs uuid e5bd3946-400c-4223-8923-190ef1f18677\n chunk uuid d58cb17e-6d02-494a-829a-18b7d8a399da\n item 0 key (450 INODE_ITEM 0) itemoff 16123 itemsize 160\n generation 7 transid 9 size 8192 nbytes 8473563889606862198\n block group 0 mode 100600 links 1 uid 0 gid 0 rdev 0\n sequence 204 flags 0x10(PREALLOC)\n atime 1716417703.220000000 (2024-05-22 15:41:43)\n ctime 1716417704.983333333 (2024-05-22 15:41:44)\n mtime 1716417704.983333333 (2024-05-22 15:41:44)\n otime 17592186044416.000000000 (559444-03-08 01:40:16)\n item 1 key (450 INODE_REF 256) itemoff 16110 itemsize 13\n index 195 namelen 3 name: 193\n item 2 key (450 XATTR_ITEM 1640047104) itemoff 16073 itemsize 37\n location key (0 UNKNOWN.0 0) type XATTR\n transid 7 data_len 1 name_len 6\n name: user.a\n data a\n item 3 key (450 EXTENT_DATA 0) itemoff 16020 itemsize 53\n generation 9 type 1 (regular)\n extent data disk byte 303144960 nr 12288\n extent data offset 0 nr 4096 ram 12288\n extent compression 0 (none)\n item 4 key (450 EXTENT_DATA 4096) itemoff 15967 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 4096 nr 8192\n item 5 key (450 EXTENT_DATA 8192) itemoff 15914 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 8192 nr 4096\n ...\n\nSo the real problem happened earlier: notice that items 4 (4k-12k) and 5\n(8k-12k) overlap. Both are prealloc extents. Item 4 straddles i_size and\nitem 5 starts at i_size.\n\nHere is the state of \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37354",
"url": "https://www.suse.com/security/cve/CVE-2024-37354"
},
{
"category": "external",
"summary": "SUSE Bug 1227101 for CVE-2024-37354",
"url": "https://bugzilla.suse.com/1227101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-37354"
},
{
"cve": "CVE-2024-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\n\nIn rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the\nresp_pkts queue and then a decision is made whether to run the completer\ntask inline or schedule it. Finally the skb is dereferenced to bump a \u0027hw\u0027\nperformance counter. This is wrong because if the completer task is\nalready running in a separate thread it may have already processed the skb\nand freed it which can cause a seg fault. This has been observed\ninfrequently in testing at high scale.\n\nThis patch fixes this by changing the order of enqueuing the packet until\nafter the counter is accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38544",
"url": "https://www.suse.com/security/cve/CVE-2024-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1226597 for CVE-2024-38544",
"url": "https://bugzilla.suse.com/1226597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38544"
},
{
"cve": "CVE-2024-38545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix UAF for cq async event\n\nThe refcount of CQ is not protected by locks. When CQ asynchronous\nevents and CQ destruction are concurrent, CQ may have been released,\nwhich will cause UAF.\n\nUse the xa_lock() to protect the CQ refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38545",
"url": "https://www.suse.com/security/cve/CVE-2024-38545"
},
{
"category": "external",
"summary": "SUSE Bug 1226595 for CVE-2024-38545",
"url": "https://bugzilla.suse.com/1226595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38545"
},
{
"cve": "CVE-2024-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38546",
"url": "https://www.suse.com/security/cve/CVE-2024-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1226593 for CVE-2024-38546",
"url": "https://bugzilla.suse.com/1226593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38546"
},
{
"cve": "CVE-2024-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add 0 size check to mtk_drm_gem_obj\n\nAdd a check to mtk_drm_gem_init if we attempt to allocate a GEM object\nof 0 bytes. Currently, no such check exists and the kernel will panic if\na userspace application attempts to allocate a 0x0 GBM buffer.\n\nTested by attempting to allocate a 0x0 GBM buffer on an MT8188 and\nverifying that we now return EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38549",
"url": "https://www.suse.com/security/cve/CVE-2024-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1226735 for CVE-2024-38549",
"url": "https://bugzilla.suse.com/1226735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38549"
},
{
"cve": "CVE-2024-38552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential index out of bounds in color transformation function\n\nFixes index out of bounds issue in the color transformation function.\nThe issue could occur when the index \u0027i\u0027 exceeds the number of transfer\nfunction points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds, an error message is\nlogged and the function returns false to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:405 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:406 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:407 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38552",
"url": "https://www.suse.com/security/cve/CVE-2024-38552"
},
{
"category": "external",
"summary": "SUSE Bug 1226767 for CVE-2024-38552",
"url": "https://bugzilla.suse.com/1226767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38553",
"url": "https://www.suse.com/security/cve/CVE-2024-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1226744 for CVE-2024-38553",
"url": "https://bugzilla.suse.com/1226744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38553"
},
{
"cve": "CVE-2024-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ar5523: enable proper endpoint verification\n\nSyzkaller reports [1] hitting a warning about an endpoint in use\nnot having an expected type to it.\n\nFix the issue by checking for the existence of all proper\nendpoints with their according types intact.\n\nSadly, this patch has not been tested on real hardware.\n\n[1] Syzkaller report:\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 3643 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n ar5523_cmd+0x41b/0x780 drivers/net/wireless/ath/ar5523/ar5523.c:275\n ar5523_cmd_read drivers/net/wireless/ath/ar5523/ar5523.c:302 [inline]\n ar5523_host_available drivers/net/wireless/ath/ar5523/ar5523.c:1376 [inline]\n ar5523_probe+0x14b0/0x1d10 drivers/net/wireless/ath/ar5523/ar5523.c:1655\n usb_probe_interface+0x30f/0x7f0 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_set_configuration+0x101d/0x1900 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0xbe/0x100 drivers/usb/core/generic.c:238\n usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573\n hub_port_connect drivers/usb/core/hub.c:5353 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]\n port_event drivers/usb/core/hub.c:5653 [inline]\n hub_event+0x26cb/0x45d0 drivers/usb/core/hub.c:5735\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38565",
"url": "https://www.suse.com/security/cve/CVE-2024-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1226747 for CVE-2024-38565",
"url": "https://bugzilla.suse.com/1226747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38567"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: add a proper sanity check for endpoints\n\nSyzkaller reports [1] hitting a warning which is caused by presence\nof a wrong endpoint type at the URB sumbitting stage. While there\nwas a check for a specific 4th endpoint, since it can switch types\nbetween bulk and interrupt, other endpoints are trusted implicitly.\nSimilar warning is triggered in a couple of other syzbot issues [2].\n\nFix the issue by doing a comprehensive check of all endpoints\ntaking into account difference between high- and full-speed\nconfiguration.\n\n[1] Syzkaller report:\n...\nWARNING: CPU: 0 PID: 4721 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n carl9170_usb_send_rx_irq_urb+0x273/0x340 drivers/net/wireless/ath/carl9170/usb.c:504\n carl9170_usb_init_device drivers/net/wireless/ath/carl9170/usb.c:939 [inline]\n carl9170_usb_firmware_finish drivers/net/wireless/ath/carl9170/usb.c:999 [inline]\n carl9170_usb_firmware_step2+0x175/0x240 drivers/net/wireless/ath/carl9170/usb.c:1028\n request_firmware_work_func+0x130/0x240 drivers/base/firmware_loader/main.c:1107\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n \u003c/TASK\u003e\n\n[2] Related syzkaller crashes:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38567",
"url": "https://www.suse.com/security/cve/CVE-2024-38567"
},
{
"category": "external",
"summary": "SUSE Bug 1226769 for CVE-2024-38567",
"url": "https://bugzilla.suse.com/1226769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n \u003c/TASK\u003e\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38578",
"url": "https://www.suse.com/security/cve/CVE-2024-38578"
},
{
"category": "external",
"summary": "SUSE Bug 1226634 for CVE-2024-38578",
"url": "https://bugzilla.suse.com/1226634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38579",
"url": "https://www.suse.com/security/cve/CVE-2024-38579"
},
{
"category": "external",
"summary": "SUSE Bug 1226637 for CVE-2024-38579",
"url": "https://bugzilla.suse.com/1226637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nepoll: be better about file lifetimes\n\nepoll can call out to vfs_poll() with a file pointer that may race with\nthe last \u0027fput()\u0027. That would make f_count go down to zero, and while\nthe ep-\u003emtx locking means that the resulting file pointer tear-down will\nbe blocked until the poll returns, it means that f_count is already\ndead, and any use of it won\u0027t actually get a reference to the file any\nmore: it\u0027s dead regardless.\n\nMake sure we have a valid ref on the file pointer before we call down to\nvfs_poll() from the epoll routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38580",
"url": "https://www.suse.com/security/cve/CVE-2024-38580"
},
{
"category": "external",
"summary": "SUSE Bug 1226610 for CVE-2024-38580",
"url": "https://bugzilla.suse.com/1226610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38580"
},
{
"cve": "CVE-2024-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: sungem: remove .ndo_poll_controller to avoid deadlocks\n\nErhard reports netpoll warnings from sungem:\n\n netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)\n WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c\n\ngem_poll_controller() disables interrupts, which may sleep.\nWe can\u0027t sleep in netpoll, it has interrupts disabled completely.\nStrangely, gem_poll_controller() doesn\u0027t even poll the completions,\nand instead acts as if an interrupt has fired so it just schedules\nNAPI and exits. None of this has been necessary for years, since\nnetpoll invokes NAPI directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38597",
"url": "https://www.suse.com/security/cve/CVE-2024-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1226749 for CVE-2024-38597",
"url": "https://bugzilla.suse.com/1226749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38597"
},
{
"cve": "CVE-2024-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix a race between readers and resize checks\n\nThe reader code in rb_get_reader_page() swaps a new reader page into the\nring buffer by doing cmpxchg on old-\u003elist.prev-\u003enext to point it to the\nnew page. Following that, if the operation is successful,\nold-\u003elist.next-\u003eprev gets updated too. This means the underlying\ndoubly-linked list is temporarily inconsistent, page-\u003eprev-\u003enext or\npage-\u003enext-\u003eprev might not be equal back to page for some page in the\nring buffer.\n\nThe resize operation in ring_buffer_resize() can be invoked in parallel.\nIt calls rb_check_pages() which can detect the described inconsistency\nand stop further tracing:\n\n[ 190.271762] ------------[ cut here ]------------\n[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0\n[ 190.271789] Modules linked in: [...]\n[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1\n[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f\n[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014\n[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0\n[ 190.272023] Code: [...]\n[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206\n[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80\n[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700\n[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000\n[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720\n[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000\n[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000\n[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0\n[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 190.272077] Call Trace:\n[ 190.272098] \u003cTASK\u003e\n[ 190.272189] ring_buffer_resize+0x2ab/0x460\n[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0\n[ 190.272206] tracing_resize_ring_buffer+0x65/0x90\n[ 190.272216] tracing_entries_write+0x74/0xc0\n[ 190.272225] vfs_write+0xf5/0x420\n[ 190.272248] ksys_write+0x67/0xe0\n[ 190.272256] do_syscall_64+0x82/0x170\n[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 190.272373] RIP: 0033:0x7f1bd657d263\n[ 190.272381] Code: [...]\n[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263\n[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001\n[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000\n[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500\n[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002\n[ 190.272412] \u003c/TASK\u003e\n[ 190.272414] ---[ end trace 0000000000000000 ]---\n\nNote that ring_buffer_resize() calls rb_check_pages() only if the parent\ntrace_buffer has recording disabled. Recent commit d78ab792705c\n(\"tracing: Stop current tracer when resizing buffer\") causes that it is\nnow always the case which makes it more likely to experience this issue.\n\nThe window to hit this race is nonetheless very small. To help\nreproducing it, one can add a delay loop in rb_get_reader_page():\n\n ret = rb_head_page_replace(reader, cpu_buffer-\u003ereader_page);\n if (!ret)\n \tgoto spin;\n for (unsigned i = 0; i \u003c 1U \u003c\u003c 26; i++) /* inserted delay loop */\n \t__asm__ __volatile__ (\"\" : : : \"memory\");\n rb_list_head(reader-\u003elist.next)-\u003eprev = \u0026cpu_buffer-\u003ereader_page-\u003elist;\n\n.. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38601",
"url": "https://www.suse.com/security/cve/CVE-2024-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1226876 for CVE-2024-38601",
"url": "https://bugzilla.suse.com/1226876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38601"
},
{
"cve": "CVE-2024-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38608",
"url": "https://www.suse.com/security/cve/CVE-2024-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1226746 for CVE-2024-38608",
"url": "https://bugzilla.suse.com/1226746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38608"
},
{
"cve": "CVE-2024-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn\u0027t have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38618",
"url": "https://www.suse.com/security/cve/CVE-2024-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1226754 for CVE-2024-38618",
"url": "https://bugzilla.suse.com/1226754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38618"
},
{
"cve": "CVE-2024-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: fix bounds checking in stk1160_copy_video()\n\nThe subtract in this condition is reversed. The -\u003elength is the length\nof the buffer. The -\u003ebytesused is how many bytes we have copied thus\nfar. When the condition is reversed that means the result of the\nsubtraction is always negative but since it\u0027s unsigned then the result\nis a very high positive value. That means the overflow check is never\ntrue.\n\nAdditionally, the -\u003ebytesused doesn\u0027t actually work for this purpose\nbecause we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the\nmath to calculate the destination where we are writing is a bit\ninvolved. You calculate the number of full lines already written,\nmultiply by two, skip a line if necessary so that we start on an odd\nnumbered line, and add the offset into the line.\n\nTo fix this buffer overflow, just take the actual destination where we\nare writing, if the offset is already out of bounds print an error and\nreturn. Otherwise, write up to buf-\u003elength bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38621",
"url": "https://www.suse.com/security/cve/CVE-2024-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1226895 for CVE-2024-38621",
"url": "https://bugzilla.suse.com/1226895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38621"
},
{
"cve": "CVE-2024-38627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38627"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38627",
"url": "https://www.suse.com/security/cve/CVE-2024-38627"
},
{
"category": "external",
"summary": "SUSE Bug 1226857 for CVE-2024-38627",
"url": "https://bugzilla.suse.com/1226857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38627"
},
{
"cve": "CVE-2024-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38659",
"url": "https://www.suse.com/security/cve/CVE-2024-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1226883 for CVE-2024-38659",
"url": "https://bugzilla.suse.com/1226883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ap: Fix crash in AP internal function modify_bitmap()\n\nA system crash like this\n\n Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403\n Fault in home space mode while using kernel ASCE.\n AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d\n Oops: 0038 ilc:3 [#1] PREEMPT SMP\n Modules linked in: mlx5_ib ...\n CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8\n Hardware name: IBM 3931 A01 704 (LPAR)\n Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3\n 000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0\n 000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff\n 000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8\n Krnl Code: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a\n 0000014b75e7b600: 18b2 lr %r11,%r2\n #0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616\n \u003e0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13)\n 0000014b75e7b60c: a7680001 lhi %r6,1\n 0000014b75e7b610: 187b lr %r7,%r11\n 0000014b75e7b612: 84960021 brxh %r9,%r6,0000014b75e7b654\n 0000014b75e7b616: 18e9 lr %r14,%r9\n Call Trace:\n [\u003c0000014b75e7b606\u003e] ap_parse_bitmap_str+0x10e/0x1f8\n ([\u003c0000014b75e7b5dc\u003e] ap_parse_bitmap_str+0xe4/0x1f8)\n [\u003c0000014b75e7b758\u003e] apmask_store+0x68/0x140\n [\u003c0000014b75679196\u003e] kernfs_fop_write_iter+0x14e/0x1e8\n [\u003c0000014b75598524\u003e] vfs_write+0x1b4/0x448\n [\u003c0000014b7559894c\u003e] ksys_write+0x74/0x100\n [\u003c0000014b7618a440\u003e] __do_syscall+0x268/0x328\n [\u003c0000014b761a3558\u003e] system_call+0x70/0x98\n INFO: lockdep is turned off.\n Last Breaking-Event-Address:\n [\u003c0000014b75e7b636\u003e] ap_parse_bitmap_str+0x13e/0x1f8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\noccured when /sys/bus/ap/a[pq]mask was updated with a relative mask value\n(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.\n\nThe fix is simple: use unsigned long values for the internal variables. The\ncorrect checks are already in place in the function but a simple int for\nthe internal variables was used with the possibility to overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38661",
"url": "https://www.suse.com/security/cve/CVE-2024-38661"
},
{
"category": "external",
"summary": "SUSE Bug 1226996 for CVE-2024-38661",
"url": "https://bugzilla.suse.com/1226996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38661"
},
{
"cve": "CVE-2024-38780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38780",
"url": "https://www.suse.com/security/cve/CVE-2024-38780"
},
{
"category": "external",
"summary": "SUSE Bug 1226886 for CVE-2024-38780",
"url": "https://bugzilla.suse.com/1226886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.191.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.191.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.191.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-07-10T06:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-38780"
}
]
}
suse-su-2024:1644-1
Vulnerability from csaf_suse
Published
2024-05-14 14:29
Modified
2024-05-14 14:29
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpu_discovery_reg_base_init() (bsc#1223823).
- CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714).
- CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
- CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
- CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
- CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
- CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
- CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
- CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679).
- CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
- CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmd_cfg_pkts (bsc#1223016).
- CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
- CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
- CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119).
- CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV (bsc#1222870).
- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
- CVE-2024-26679: Fixed inet read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
- CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
- CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
- CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080).
- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
- CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
- CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).
- CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499).
- CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475).
- CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710).
- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
- CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
- CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
The following non-security bugs were fixed:
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle (stable-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).
- Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes).
- Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
- Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
- Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275)
- Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
- Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- USB: core: Add hub_get() and hub_put() routines (git-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- nfsd: Fixed mount kerberized nfs4 share issue (git-fixes bsc#1223858).
- s390: Fixed kernel backtrack (bsc#1141539 git-fixes).
- nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).
- s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: Mark 'all_lists' as const (stable-fixes).
- clk: Print an info line before disabling unused clocks (stable-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: remove extra empty line (stable-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- docs: Document the FAN_FS_ERROR event (stable-fixes).
- drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes).
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- fuse: do not unhash root (bsc#1223951).
- fuse: fix root lookup with nonzero generation (bsc#1223950).
- hwmon: (amc6821) add of_match table (stable-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).
- net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
- net: fix skb leak in __skb_tstamp_tx() (git-fixes).
- net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).
- net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes).
- net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: vlan: fix underflow for the real_dev refcnt (git-fixes).
- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).
- netfilter: br_netfilter: Drop dst references before setting (git-fixes).
- netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).
- powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888).
- powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
- printk: Add this_cpu_in_panic() (bsc#1223574).
- printk: Adjust mapping for 32bit seq macros (bsc#1223574).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
- printk: Disable passing console lock owner completely during panic() (bsc#1223574).
- printk: Drop console_sem during panic (bsc#1223574).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).
- printk: Wait for all reserved records with pr_flush() (bsc#1223574).
- printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
- printk: ringbuffer: Clarify special lpos values (bsc#1223574).
- printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574).
- printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
- s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
- s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: core: Provide port lock wrappers (stable-fixes).
- serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing: Show size of requested perf buffer (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
- x86/bugs: Fix BHI documentation (git-fixes).
- x86/bugs: Fix BHI handling of RRSBA (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes).
- x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes).
- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
Patchnames
SUSE-2024-1644,SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1644,openSUSE-SLE-15.5-2024-1644
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).\n- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).\n- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).\n- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).\n- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).\n- CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpu_discovery_reg_base_init() (bsc#1223823).\n- CVE-2024-27041: Fixed drm/amd/display NULL checks for adev-\u003edm.dc in amdgpu_dm_fini() (bsc#1223714).\n- CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).\n- CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).\n- CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).\n- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).\n- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).\n- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).\n- CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).\n- CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).\n- CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).\n- CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).\n- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).\n- CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).\n- CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).\n- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).\n- CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679).\n- CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).\n- CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).\n- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).\n- CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmd_cfg_pkts (bsc#1223016).\n- CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).\n- CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).\n- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).\n- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).\n- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).\n- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).\n- CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).\n- CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).\n- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).\n- CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119).\n- CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).\n- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).\n- CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).\n- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).\n- CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).\n- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).\n- CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).\n- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).\n- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).\n- CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).\n- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).\n- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).\n- CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793).\n- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).\n- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV (bsc#1222870).\n- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).\n- CVE-2024-26679: Fixed inet read sk-\u003esk_family once in inet_recv_error() (bsc#1222385).\n- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).\n- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).\n- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).\n- CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).\n- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).\n- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).\n- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).\n- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).\n- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).\n- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).\n- CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).\n- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).\n- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).\n- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).\n- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).\n- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).\n- CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).\n- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).\n- CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).\n- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).\n- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).\n- CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).\n- CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080).\n- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).\n- CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).\n- CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223513).\n- CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).\n- CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499).\n- CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth \u003e 0 (bsc#1223475).\n- CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710).\n- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).\n- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).\n- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).\n- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)\n- CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).\n- CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).\n- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).\n- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).\n\nThe following non-security bugs were fixed:\n\n- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).\n- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).\n- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).\n- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).\n- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).\n- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).\n- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).\n- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).\n- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).\n- ASoC: meson: axg-card: make links nonatomic (git-fixes).\n- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).\n- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).\n- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).\n- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).\n- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).\n- Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).\n- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).\n- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).\n- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).\n- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: add quirk for broken address properties (git-fixes).\n- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).\n- Bluetooth: btintel: Fixe build regression (git-fixes).\n- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).\n- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).\n- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).\n- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).\n- Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).\n- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev-\u003edevc (git-fixes).\n- HID: logitech-dj: allow mice to use all types of reports (git-fixes).\n- HID: uhid: Use READ_ONCE()/WRITE_ONCE() for -\u003erunning (stable-fixes).\n- Input: allocate keycode for Display refresh rate toggle (stable-fixes).\n- Input: synaptics-rmi4 - fail probing if memory allocation for \u0027phys\u0027 fails (stable-fixes).\n- NFC: trf7970a: disable all regulators on removal (git-fixes).\n- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).\n- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).\n- Reapply \u0027drm/qxl: simplify qxl_fence_wait\u0027 (stable-fixes).\n- Revert \u0027ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default\u0027 (stable-fixes).\n- Revert \u0027drm/qxl: simplify qxl_fence_wait\u0027 (git-fixes).\n- Revert \u0027ice: Fix ice VF reset during iavf initialization (jsc#PED-376).\u0027 (bsc#1223275)\n- Revert \u0027usb: cdc-wdm: close race between read and workqueue\u0027 (git-fixes).\n- Revert \u0027usb: phy: generic: Get the vbus supply\u0027 (git-fixes).\n- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).\n- USB: core: Add hub_get() and hub_put() routines (git-fixes).\n- USB: core: Fix access violation during port device removal (git-fixes).\n- USB: core: Fix deadlock in port \u0027disable\u0027 sysfs attribute (git-fixes).\n- USB: serial: add device ID for VeriFone adapter (stable-fixes).\n- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).\n- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).\n- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).\n- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).\n- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).\n- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).\n- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).\n- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).\n- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).\n- nfsd: Fixed mount kerberized nfs4 share issue (git-fixes bsc#1223858).\n- s390: Fixed kernel backtrack (bsc#1141539 git-fixes).\n- nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).\n- s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238).\n- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).\n- ahci: asm1064: correct count of reported ports (stable-fixes).\n- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)\n- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)\n- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)\n- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).\n- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).\n- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).\n- clk: Get runtime PM before walking tree during disable_unused (git-fixes).\n- clk: Initialize struct clk_core kref earlier (stable-fixes).\n- clk: Mark \u0027all_lists\u0027 as const (stable-fixes).\n- clk: Print an info line before disabling unused clocks (stable-fixes).\n- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).\n- clk: remove extra empty line (stable-fixes).\n- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).\n- dma: xilinx_dpdma: Fix locking (git-fixes).\n- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).\n- dmaengine: owl: fix register access functions (git-fixes).\n- dmaengine: tegra186: Fix residual calculation (git-fixes).\n- docs: Document the FAN_FS_ERROR event (stable-fixes).\n- drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).\n- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).\n- drm/amd/display: Fix nanosec stat overflow (stable-fixes).\n- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).\n- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).\n- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).\n- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).\n- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).\n- drm/amdgpu: always force full reset for SOC21 (stable-fixes).\n- drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).\n- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).\n- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).\n- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).\n- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).\n- drm/ast: Fix soft lockup (git-fixes).\n- drm/client: Fully protect modes[] with dev-\u003emode_config.mutex (stable-fixes).\n- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).\n- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).\n- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).\n- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).\n- drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)\n- drm/panel: ili9341: Respect deferred probe (git-fixes).\n- drm/panel: ili9341: Use predefined error codes (git-fixes).\n- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).\n- drm/vc4: do not check if plane-\u003estate-\u003efb == state-\u003efb (stable-fixes).\n- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).\n- drm/vmwgfx: Fix crtc\u0027s atomic check conditional (git-fixes).\n- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).\n- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).\n- drm: nv04: Fix out of bounds access (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes).\n- dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).\n- fbdev: fix incorrect address computation in deferred IO (git-fixes).\n- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).\n- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).\n- fuse: do not unhash root (bsc#1223951).\n- fuse: fix root lookup with nonzero generation (bsc#1223950).\n- hwmon: (amc6821) add of_match table (stable-fixes).\n- i2c: pxa: hide unused icr_bits[] variable (git-fixes).\n- i2c: smbus: fix NULL function pointer dereference (git-fixes).\n- i40e: Fix VF MAC filter removal (git-fixes).\n- idma64: Do not try to serve interrupts when device is powered off (git-fixes).\n- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).\n- iio:imu: adis16475: Fix sync mode setting (git-fixes).\n- init/main.c: Fix potential static_command_line memory overflow (git-fixes).\n- ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).\n- irqchip/gic-v3-its: Prevent double free on error (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- media: cec: core: remove length check of Timer Status (stable-fixes).\n- media: sta2x11: fix irq handler cast (stable-fixes).\n- mei: me: add arrow lake point H DID (stable-fixes).\n- mei: me: add arrow lake point S DID (stable-fixes).\n- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).\n- mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).\n- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).\n- mtd: diskonchip: work around ubsan link failure (stable-fixes).\n- net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).\n- net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).\n- net: fix skb leak in __skb_tstamp_tx() (git-fixes).\n- net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).\n- net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes).\n- net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).\n- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: vlan: fix underflow for the real_dev refcnt (git-fixes).\n- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).\n- netfilter: br_netfilter: Drop dst references before setting (git-fixes).\n- netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes).\n- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).\n- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).\n- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).\n- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).\n- nouveau: fix function cast warning (git-fixes).\n- nouveau: fix instmem race condition around ptr stores (git-fixes).\n- phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).\n- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).\n- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).\n- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).\n- powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).\n- powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888).\n- powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).\n- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).\n- powerpc: Refactor verification of MSR_RI (bsc#1223191).\n- printk: Add this_cpu_in_panic() (bsc#1223574).\n- printk: Adjust mapping for 32bit seq macros (bsc#1223574).\n- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).\n- printk: Disable passing console lock owner completely during panic() (bsc#1223574).\n- printk: Drop console_sem during panic (bsc#1223574).\n- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574).\n- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).\n- printk: Wait for all reserved records with pr_flush() (bsc#1223574).\n- printk: nbcon: Relocate 32bit seq macros (bsc#1223574).\n- printk: ringbuffer: Clarify special lpos values (bsc#1223574).\n- printk: ringbuffer: Cleanup reader terminology (bsc#1223574).\n- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574).\n- printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).\n- printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).\n- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).\n- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).\n- ring-buffer: use READ_ONCE() to read cpu_buffer-\u003ecommit_page in concurrent environment (git-fixes).\n- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).\n- s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785).\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878).\n- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).\n- s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).\n- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876).\n- s390/vdso: drop \u0027-fPIC\u0027 from LDFLAGS (git-fixes bsc#1223598).\n- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595).\n- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).\n- serial: core: Provide port lock wrappers (stable-fixes).\n- serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).\n- serial: mxs-auart: add spinlock around changing cts state (git-fixes).\n- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).\n- speakup: Avoid crash on very long word (git-fixes).\n- speakup: Fix 8bit characters from direct synth (git-fixes).\n- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).\n- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).\n- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).\n- thunderbolt: Fix wake configurations after device unplug (stable-fixes).\n- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).\n- tracing: Show size of requested perf buffer (git-fixes).\n- usb: Disable USB3 LPM at shutdown (stable-fixes).\n- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes).\n- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).\n- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).\n- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).\n- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).\n- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).\n- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).\n- usb: ohci: Prevent missed ohci interrupts (git-fixes).\n- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).\n- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).\n- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).\n- usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569).\n- usb: typec: ucsi: Ack unsupported commands (stable-fixes).\n- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).\n- usb: typec: ucsi: Fix connector check on init (git-fixes).\n- usb: udc: remove warning when queue disabled ep (stable-fixes).\n- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).\n- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).\n- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).\n- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).\n- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).\n- wifi: nl80211: do not free NULL coalescing rule (git-fixes).\n- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).\n- x86/bugs: Fix BHI documentation (git-fixes).\n- x86/bugs: Fix BHI handling of RRSBA (git-fixes).\n- x86/bugs: Fix BHI retpoline check (git-fixes).\n- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).\n- x86/bugs: Rename various \u0027ia32_cap\u0027 variables to \u0027x86_arch_cap_msr\u0027 (git-fixes).\n- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).\n- x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes).\n- x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes).\n- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1644,SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1644,openSUSE-SLE-15.5-2024-1644",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1644-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1644-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241644-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1644-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-May/035263.html"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1190576",
"url": "https://bugzilla.suse.com/1190576"
},
{
"category": "self",
"summary": "SUSE Bug 1192145",
"url": "https://bugzilla.suse.com/1192145"
},
{
"category": "self",
"summary": "SUSE Bug 1192837",
"url": "https://bugzilla.suse.com/1192837"
},
{
"category": "self",
"summary": "SUSE Bug 1193629",
"url": "https://bugzilla.suse.com/1193629"
},
{
"category": "self",
"summary": "SUSE Bug 1196869",
"url": "https://bugzilla.suse.com/1196869"
},
{
"category": "self",
"summary": "SUSE Bug 1200313",
"url": "https://bugzilla.suse.com/1200313"
},
{
"category": "self",
"summary": "SUSE Bug 1201308",
"url": "https://bugzilla.suse.com/1201308"
},
{
"category": "self",
"summary": "SUSE Bug 1201489",
"url": "https://bugzilla.suse.com/1201489"
},
{
"category": "self",
"summary": "SUSE Bug 1203906",
"url": "https://bugzilla.suse.com/1203906"
},
{
"category": "self",
"summary": "SUSE Bug 1203935",
"url": "https://bugzilla.suse.com/1203935"
},
{
"category": "self",
"summary": "SUSE Bug 1204614",
"url": "https://bugzilla.suse.com/1204614"
},
{
"category": "self",
"summary": "SUSE Bug 1207361",
"url": "https://bugzilla.suse.com/1207361"
},
{
"category": "self",
"summary": "SUSE Bug 1211592",
"url": "https://bugzilla.suse.com/1211592"
},
{
"category": "self",
"summary": "SUSE Bug 1213573",
"url": "https://bugzilla.suse.com/1213573"
},
{
"category": "self",
"summary": "SUSE Bug 1217339",
"url": "https://bugzilla.suse.com/1217339"
},
{
"category": "self",
"summary": "SUSE Bug 1217408",
"url": "https://bugzilla.suse.com/1217408"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219126",
"url": "https://bugzilla.suse.com/1219126"
},
{
"category": "self",
"summary": "SUSE Bug 1219141",
"url": "https://bugzilla.suse.com/1219141"
},
{
"category": "self",
"summary": "SUSE Bug 1219169",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219264",
"url": "https://bugzilla.suse.com/1219264"
},
{
"category": "self",
"summary": "SUSE Bug 1220342",
"url": "https://bugzilla.suse.com/1220342"
},
{
"category": "self",
"summary": "SUSE Bug 1220569",
"url": "https://bugzilla.suse.com/1220569"
},
{
"category": "self",
"summary": "SUSE Bug 1220761",
"url": "https://bugzilla.suse.com/1220761"
},
{
"category": "self",
"summary": "SUSE Bug 1221042",
"url": "https://bugzilla.suse.com/1221042"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221080",
"url": "https://bugzilla.suse.com/1221080"
},
{
"category": "self",
"summary": "SUSE Bug 1221084",
"url": "https://bugzilla.suse.com/1221084"
},
{
"category": "self",
"summary": "SUSE Bug 1221088",
"url": "https://bugzilla.suse.com/1221088"
},
{
"category": "self",
"summary": "SUSE Bug 1221299",
"url": "https://bugzilla.suse.com/1221299"
},
{
"category": "self",
"summary": "SUSE Bug 1221612",
"url": "https://bugzilla.suse.com/1221612"
},
{
"category": "self",
"summary": "SUSE Bug 1221617",
"url": "https://bugzilla.suse.com/1221617"
},
{
"category": "self",
"summary": "SUSE Bug 1221645",
"url": "https://bugzilla.suse.com/1221645"
},
{
"category": "self",
"summary": "SUSE Bug 1221825",
"url": "https://bugzilla.suse.com/1221825"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222307",
"url": "https://bugzilla.suse.com/1222307"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222368",
"url": "https://bugzilla.suse.com/1222368"
},
{
"category": "self",
"summary": "SUSE Bug 1222379",
"url": "https://bugzilla.suse.com/1222379"
},
{
"category": "self",
"summary": "SUSE Bug 1222385",
"url": "https://bugzilla.suse.com/1222385"
},
{
"category": "self",
"summary": "SUSE Bug 1222424",
"url": "https://bugzilla.suse.com/1222424"
},
{
"category": "self",
"summary": "SUSE Bug 1222430",
"url": "https://bugzilla.suse.com/1222430"
},
{
"category": "self",
"summary": "SUSE Bug 1222435",
"url": "https://bugzilla.suse.com/1222435"
},
{
"category": "self",
"summary": "SUSE Bug 1222482",
"url": "https://bugzilla.suse.com/1222482"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222615",
"url": "https://bugzilla.suse.com/1222615"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222666",
"url": "https://bugzilla.suse.com/1222666"
},
{
"category": "self",
"summary": "SUSE Bug 1222669",
"url": "https://bugzilla.suse.com/1222669"
},
{
"category": "self",
"summary": "SUSE Bug 1222671",
"url": "https://bugzilla.suse.com/1222671"
},
{
"category": "self",
"summary": "SUSE Bug 1222703",
"url": "https://bugzilla.suse.com/1222703"
},
{
"category": "self",
"summary": "SUSE Bug 1222704",
"url": "https://bugzilla.suse.com/1222704"
},
{
"category": "self",
"summary": "SUSE Bug 1222709",
"url": "https://bugzilla.suse.com/1222709"
},
{
"category": "self",
"summary": "SUSE Bug 1222710",
"url": "https://bugzilla.suse.com/1222710"
},
{
"category": "self",
"summary": "SUSE Bug 1222721",
"url": "https://bugzilla.suse.com/1222721"
},
{
"category": "self",
"summary": "SUSE Bug 1222726",
"url": "https://bugzilla.suse.com/1222726"
},
{
"category": "self",
"summary": "SUSE Bug 1222773",
"url": "https://bugzilla.suse.com/1222773"
},
{
"category": "self",
"summary": "SUSE Bug 1222776",
"url": "https://bugzilla.suse.com/1222776"
},
{
"category": "self",
"summary": "SUSE Bug 1222785",
"url": "https://bugzilla.suse.com/1222785"
},
{
"category": "self",
"summary": "SUSE Bug 1222787",
"url": "https://bugzilla.suse.com/1222787"
},
{
"category": "self",
"summary": "SUSE Bug 1222790",
"url": "https://bugzilla.suse.com/1222790"
},
{
"category": "self",
"summary": "SUSE Bug 1222791",
"url": "https://bugzilla.suse.com/1222791"
},
{
"category": "self",
"summary": "SUSE Bug 1222792",
"url": "https://bugzilla.suse.com/1222792"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222796",
"url": "https://bugzilla.suse.com/1222796"
},
{
"category": "self",
"summary": "SUSE Bug 1222812",
"url": "https://bugzilla.suse.com/1222812"
},
{
"category": "self",
"summary": "SUSE Bug 1222824",
"url": "https://bugzilla.suse.com/1222824"
},
{
"category": "self",
"summary": "SUSE Bug 1222829",
"url": "https://bugzilla.suse.com/1222829"
},
{
"category": "self",
"summary": "SUSE Bug 1222832",
"url": "https://bugzilla.suse.com/1222832"
},
{
"category": "self",
"summary": "SUSE Bug 1222836",
"url": "https://bugzilla.suse.com/1222836"
},
{
"category": "self",
"summary": "SUSE Bug 1222838",
"url": "https://bugzilla.suse.com/1222838"
},
{
"category": "self",
"summary": "SUSE Bug 1222866",
"url": "https://bugzilla.suse.com/1222866"
},
{
"category": "self",
"summary": "SUSE Bug 1222867",
"url": "https://bugzilla.suse.com/1222867"
},
{
"category": "self",
"summary": "SUSE Bug 1222869",
"url": "https://bugzilla.suse.com/1222869"
},
{
"category": "self",
"summary": "SUSE Bug 1222870",
"url": "https://bugzilla.suse.com/1222870"
},
{
"category": "self",
"summary": "SUSE Bug 1222876",
"url": "https://bugzilla.suse.com/1222876"
},
{
"category": "self",
"summary": "SUSE Bug 1222878",
"url": "https://bugzilla.suse.com/1222878"
},
{
"category": "self",
"summary": "SUSE Bug 1222879",
"url": "https://bugzilla.suse.com/1222879"
},
{
"category": "self",
"summary": "SUSE Bug 1222881",
"url": "https://bugzilla.suse.com/1222881"
},
{
"category": "self",
"summary": "SUSE Bug 1222883",
"url": "https://bugzilla.suse.com/1222883"
},
{
"category": "self",
"summary": "SUSE Bug 1222888",
"url": "https://bugzilla.suse.com/1222888"
},
{
"category": "self",
"summary": "SUSE Bug 1222894",
"url": "https://bugzilla.suse.com/1222894"
},
{
"category": "self",
"summary": "SUSE Bug 1222901",
"url": "https://bugzilla.suse.com/1222901"
},
{
"category": "self",
"summary": "SUSE Bug 1222968",
"url": "https://bugzilla.suse.com/1222968"
},
{
"category": "self",
"summary": "SUSE Bug 1222976",
"url": "https://bugzilla.suse.com/1222976"
},
{
"category": "self",
"summary": "SUSE Bug 1223012",
"url": "https://bugzilla.suse.com/1223012"
},
{
"category": "self",
"summary": "SUSE Bug 1223014",
"url": "https://bugzilla.suse.com/1223014"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223024",
"url": "https://bugzilla.suse.com/1223024"
},
{
"category": "self",
"summary": "SUSE Bug 1223033",
"url": "https://bugzilla.suse.com/1223033"
},
{
"category": "self",
"summary": "SUSE Bug 1223034",
"url": "https://bugzilla.suse.com/1223034"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223036",
"url": "https://bugzilla.suse.com/1223036"
},
{
"category": "self",
"summary": "SUSE Bug 1223037",
"url": "https://bugzilla.suse.com/1223037"
},
{
"category": "self",
"summary": "SUSE Bug 1223041",
"url": "https://bugzilla.suse.com/1223041"
},
{
"category": "self",
"summary": "SUSE Bug 1223042",
"url": "https://bugzilla.suse.com/1223042"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223052",
"url": "https://bugzilla.suse.com/1223052"
},
{
"category": "self",
"summary": "SUSE Bug 1223056",
"url": "https://bugzilla.suse.com/1223056"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223061",
"url": "https://bugzilla.suse.com/1223061"
},
{
"category": "self",
"summary": "SUSE Bug 1223065",
"url": "https://bugzilla.suse.com/1223065"
},
{
"category": "self",
"summary": "SUSE Bug 1223066",
"url": "https://bugzilla.suse.com/1223066"
},
{
"category": "self",
"summary": "SUSE Bug 1223076",
"url": "https://bugzilla.suse.com/1223076"
},
{
"category": "self",
"summary": "SUSE Bug 1223078",
"url": "https://bugzilla.suse.com/1223078"
},
{
"category": "self",
"summary": "SUSE Bug 1223111",
"url": "https://bugzilla.suse.com/1223111"
},
{
"category": "self",
"summary": "SUSE Bug 1223115",
"url": "https://bugzilla.suse.com/1223115"
},
{
"category": "self",
"summary": "SUSE Bug 1223118",
"url": "https://bugzilla.suse.com/1223118"
},
{
"category": "self",
"summary": "SUSE Bug 1223119",
"url": "https://bugzilla.suse.com/1223119"
},
{
"category": "self",
"summary": "SUSE Bug 1223140",
"url": "https://bugzilla.suse.com/1223140"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223190",
"url": "https://bugzilla.suse.com/1223190"
},
{
"category": "self",
"summary": "SUSE Bug 1223191",
"url": "https://bugzilla.suse.com/1223191"
},
{
"category": "self",
"summary": "SUSE Bug 1223196",
"url": "https://bugzilla.suse.com/1223196"
},
{
"category": "self",
"summary": "SUSE Bug 1223197",
"url": "https://bugzilla.suse.com/1223197"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223207",
"url": "https://bugzilla.suse.com/1223207"
},
{
"category": "self",
"summary": "SUSE Bug 1223275",
"url": "https://bugzilla.suse.com/1223275"
},
{
"category": "self",
"summary": "SUSE Bug 1223323",
"url": "https://bugzilla.suse.com/1223323"
},
{
"category": "self",
"summary": "SUSE Bug 1223360",
"url": "https://bugzilla.suse.com/1223360"
},
{
"category": "self",
"summary": "SUSE Bug 1223369",
"url": "https://bugzilla.suse.com/1223369"
},
{
"category": "self",
"summary": "SUSE Bug 1223380",
"url": "https://bugzilla.suse.com/1223380"
},
{
"category": "self",
"summary": "SUSE Bug 1223432",
"url": "https://bugzilla.suse.com/1223432"
},
{
"category": "self",
"summary": "SUSE Bug 1223473",
"url": "https://bugzilla.suse.com/1223473"
},
{
"category": "self",
"summary": "SUSE Bug 1223474",
"url": "https://bugzilla.suse.com/1223474"
},
{
"category": "self",
"summary": "SUSE Bug 1223475",
"url": "https://bugzilla.suse.com/1223475"
},
{
"category": "self",
"summary": "SUSE Bug 1223477",
"url": "https://bugzilla.suse.com/1223477"
},
{
"category": "self",
"summary": "SUSE Bug 1223478",
"url": "https://bugzilla.suse.com/1223478"
},
{
"category": "self",
"summary": "SUSE Bug 1223479",
"url": "https://bugzilla.suse.com/1223479"
},
{
"category": "self",
"summary": "SUSE Bug 1223481",
"url": "https://bugzilla.suse.com/1223481"
},
{
"category": "self",
"summary": "SUSE Bug 1223482",
"url": "https://bugzilla.suse.com/1223482"
},
{
"category": "self",
"summary": "SUSE Bug 1223484",
"url": "https://bugzilla.suse.com/1223484"
},
{
"category": "self",
"summary": "SUSE Bug 1223487",
"url": "https://bugzilla.suse.com/1223487"
},
{
"category": "self",
"summary": "SUSE Bug 1223490",
"url": "https://bugzilla.suse.com/1223490"
},
{
"category": "self",
"summary": "SUSE Bug 1223496",
"url": "https://bugzilla.suse.com/1223496"
},
{
"category": "self",
"summary": "SUSE Bug 1223498",
"url": "https://bugzilla.suse.com/1223498"
},
{
"category": "self",
"summary": "SUSE Bug 1223499",
"url": "https://bugzilla.suse.com/1223499"
},
{
"category": "self",
"summary": "SUSE Bug 1223501",
"url": "https://bugzilla.suse.com/1223501"
},
{
"category": "self",
"summary": "SUSE Bug 1223502",
"url": "https://bugzilla.suse.com/1223502"
},
{
"category": "self",
"summary": "SUSE Bug 1223503",
"url": "https://bugzilla.suse.com/1223503"
},
{
"category": "self",
"summary": "SUSE Bug 1223505",
"url": "https://bugzilla.suse.com/1223505"
},
{
"category": "self",
"summary": "SUSE Bug 1223509",
"url": "https://bugzilla.suse.com/1223509"
},
{
"category": "self",
"summary": "SUSE Bug 1223511",
"url": "https://bugzilla.suse.com/1223511"
},
{
"category": "self",
"summary": "SUSE Bug 1223512",
"url": "https://bugzilla.suse.com/1223512"
},
{
"category": "self",
"summary": "SUSE Bug 1223513",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "self",
"summary": "SUSE Bug 1223516",
"url": "https://bugzilla.suse.com/1223516"
},
{
"category": "self",
"summary": "SUSE Bug 1223517",
"url": "https://bugzilla.suse.com/1223517"
},
{
"category": "self",
"summary": "SUSE Bug 1223518",
"url": "https://bugzilla.suse.com/1223518"
},
{
"category": "self",
"summary": "SUSE Bug 1223519",
"url": "https://bugzilla.suse.com/1223519"
},
{
"category": "self",
"summary": "SUSE Bug 1223520",
"url": "https://bugzilla.suse.com/1223520"
},
{
"category": "self",
"summary": "SUSE Bug 1223522",
"url": "https://bugzilla.suse.com/1223522"
},
{
"category": "self",
"summary": "SUSE Bug 1223523",
"url": "https://bugzilla.suse.com/1223523"
},
{
"category": "self",
"summary": "SUSE Bug 1223525",
"url": "https://bugzilla.suse.com/1223525"
},
{
"category": "self",
"summary": "SUSE Bug 1223536",
"url": "https://bugzilla.suse.com/1223536"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223574",
"url": "https://bugzilla.suse.com/1223574"
},
{
"category": "self",
"summary": "SUSE Bug 1223595",
"url": "https://bugzilla.suse.com/1223595"
},
{
"category": "self",
"summary": "SUSE Bug 1223598",
"url": "https://bugzilla.suse.com/1223598"
},
{
"category": "self",
"summary": "SUSE Bug 1223628",
"url": "https://bugzilla.suse.com/1223628"
},
{
"category": "self",
"summary": "SUSE Bug 1223634",
"url": "https://bugzilla.suse.com/1223634"
},
{
"category": "self",
"summary": "SUSE Bug 1223640",
"url": "https://bugzilla.suse.com/1223640"
},
{
"category": "self",
"summary": "SUSE Bug 1223643",
"url": "https://bugzilla.suse.com/1223643"
},
{
"category": "self",
"summary": "SUSE Bug 1223644",
"url": "https://bugzilla.suse.com/1223644"
},
{
"category": "self",
"summary": "SUSE Bug 1223645",
"url": "https://bugzilla.suse.com/1223645"
},
{
"category": "self",
"summary": "SUSE Bug 1223646",
"url": "https://bugzilla.suse.com/1223646"
},
{
"category": "self",
"summary": "SUSE Bug 1223648",
"url": "https://bugzilla.suse.com/1223648"
},
{
"category": "self",
"summary": "SUSE Bug 1223655",
"url": "https://bugzilla.suse.com/1223655"
},
{
"category": "self",
"summary": "SUSE Bug 1223657",
"url": "https://bugzilla.suse.com/1223657"
},
{
"category": "self",
"summary": "SUSE Bug 1223660",
"url": "https://bugzilla.suse.com/1223660"
},
{
"category": "self",
"summary": "SUSE Bug 1223661",
"url": "https://bugzilla.suse.com/1223661"
},
{
"category": "self",
"summary": "SUSE Bug 1223663",
"url": "https://bugzilla.suse.com/1223663"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223668",
"url": "https://bugzilla.suse.com/1223668"
},
{
"category": "self",
"summary": "SUSE Bug 1223670",
"url": "https://bugzilla.suse.com/1223670"
},
{
"category": "self",
"summary": "SUSE Bug 1223679",
"url": "https://bugzilla.suse.com/1223679"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223705",
"url": "https://bugzilla.suse.com/1223705"
},
{
"category": "self",
"summary": "SUSE Bug 1223714",
"url": "https://bugzilla.suse.com/1223714"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223738",
"url": "https://bugzilla.suse.com/1223738"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223784",
"url": "https://bugzilla.suse.com/1223784"
},
{
"category": "self",
"summary": "SUSE Bug 1223785",
"url": "https://bugzilla.suse.com/1223785"
},
{
"category": "self",
"summary": "SUSE Bug 1223790",
"url": "https://bugzilla.suse.com/1223790"
},
{
"category": "self",
"summary": "SUSE Bug 1223816",
"url": "https://bugzilla.suse.com/1223816"
},
{
"category": "self",
"summary": "SUSE Bug 1223821",
"url": "https://bugzilla.suse.com/1223821"
},
{
"category": "self",
"summary": "SUSE Bug 1223822",
"url": "https://bugzilla.suse.com/1223822"
},
{
"category": "self",
"summary": "SUSE Bug 1223823",
"url": "https://bugzilla.suse.com/1223823"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223858",
"url": "https://bugzilla.suse.com/1223858"
},
{
"category": "self",
"summary": "SUSE Bug 1223875",
"url": "https://bugzilla.suse.com/1223875"
},
{
"category": "self",
"summary": "SUSE Bug 1223876",
"url": "https://bugzilla.suse.com/1223876"
},
{
"category": "self",
"summary": "SUSE Bug 1223877",
"url": "https://bugzilla.suse.com/1223877"
},
{
"category": "self",
"summary": "SUSE Bug 1223878",
"url": "https://bugzilla.suse.com/1223878"
},
{
"category": "self",
"summary": "SUSE Bug 1223879",
"url": "https://bugzilla.suse.com/1223879"
},
{
"category": "self",
"summary": "SUSE Bug 1223894",
"url": "https://bugzilla.suse.com/1223894"
},
{
"category": "self",
"summary": "SUSE Bug 1223921",
"url": "https://bugzilla.suse.com/1223921"
},
{
"category": "self",
"summary": "SUSE Bug 1223922",
"url": "https://bugzilla.suse.com/1223922"
},
{
"category": "self",
"summary": "SUSE Bug 1223923",
"url": "https://bugzilla.suse.com/1223923"
},
{
"category": "self",
"summary": "SUSE Bug 1223924",
"url": "https://bugzilla.suse.com/1223924"
},
{
"category": "self",
"summary": "SUSE Bug 1223929",
"url": "https://bugzilla.suse.com/1223929"
},
{
"category": "self",
"summary": "SUSE Bug 1223931",
"url": "https://bugzilla.suse.com/1223931"
},
{
"category": "self",
"summary": "SUSE Bug 1223932",
"url": "https://bugzilla.suse.com/1223932"
},
{
"category": "self",
"summary": "SUSE Bug 1223934",
"url": "https://bugzilla.suse.com/1223934"
},
{
"category": "self",
"summary": "SUSE Bug 1223941",
"url": "https://bugzilla.suse.com/1223941"
},
{
"category": "self",
"summary": "SUSE Bug 1223948",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "self",
"summary": "SUSE Bug 1223949",
"url": "https://bugzilla.suse.com/1223949"
},
{
"category": "self",
"summary": "SUSE Bug 1223950",
"url": "https://bugzilla.suse.com/1223950"
},
{
"category": "self",
"summary": "SUSE Bug 1223951",
"url": "https://bugzilla.suse.com/1223951"
},
{
"category": "self",
"summary": "SUSE Bug 1223952",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "self",
"summary": "SUSE Bug 1223953",
"url": "https://bugzilla.suse.com/1223953"
},
{
"category": "self",
"summary": "SUSE Bug 1223956",
"url": "https://bugzilla.suse.com/1223956"
},
{
"category": "self",
"summary": "SUSE Bug 1223957",
"url": "https://bugzilla.suse.com/1223957"
},
{
"category": "self",
"summary": "SUSE Bug 1223960",
"url": "https://bugzilla.suse.com/1223960"
},
{
"category": "self",
"summary": "SUSE Bug 1223962",
"url": "https://bugzilla.suse.com/1223962"
},
{
"category": "self",
"summary": "SUSE Bug 1223963",
"url": "https://bugzilla.suse.com/1223963"
},
{
"category": "self",
"summary": "SUSE Bug 1223964",
"url": "https://bugzilla.suse.com/1223964"
},
{
"category": "self",
"summary": "SUSE Bug 1223996",
"url": "https://bugzilla.suse.com/1223996"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47047 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47184 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47185 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47187 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47188 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47191 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47192 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47193 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47194 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47195 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47196 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47197 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47198 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47199 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47200 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47201 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47202 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47203 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47204 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47205 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47206 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47207 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47209 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47210 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47211 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47212 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47214 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47215 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47216 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47217 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47218 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47219 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47219/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48631 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48632 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48634 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48636 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48637 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48638 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48639 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48640 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48642 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48644 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48646 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48647 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48648 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48650 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48652 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48653 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48654 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48655 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48656 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48657 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48658 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48659 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48660 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48663 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48667 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48668 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48671 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48672 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48673 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48675 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48686 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48687 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48688 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48690 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48692 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48693 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48694 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48695 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48697 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48698 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48699 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48700 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48701 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48702 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48703 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48704 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52585 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52589 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52590 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52614 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52616 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52620 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52645 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0841 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-2201 page",
"url": "https://www.suse.com/security/cve/CVE-2024-2201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23850 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26656 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26673 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26687 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26688 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26700 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26764 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26766 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26783 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26792 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26833 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26843 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26856 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26872 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26876 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26879 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26881 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26897 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26927 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26939 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26970 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27039 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27041 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27042 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27389 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27389/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-05-14T14:29:53Z",
"generator": {
"date": "2024-05-14T14:29:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1644-1",
"initial_release_date": "2024-05-14T14:29:53Z",
"revision_history": [
{
"date": "2024-05-14T14:29:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kernel-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "kernel-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"product_id": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"product_id": "kernel-azure-extra-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"product_id": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"product_id": "kernel-azure-optional-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"product_id": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"product": {
"name": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"product_id": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"product": {
"name": "kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"product_id": "kernel-source-azure-5.14.21-150500.33.51.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-azure-extra-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-azure-optional-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"product_id": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.51.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.51.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch"
},
"product_reference": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.14.21-150500.33.51.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch"
},
"product_reference": "kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch"
},
"product_reference": "kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-5.14.21-150500.33.51.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch"
},
"product_reference": "kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64"
},
"product_reference": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails\n\nThe spi controller supports 44-bit address space on AXI in DMA mode,\nso set dma_addr_t width to 44-bit to avoid using a swiotlb mapping.\nIn addition, if dma_map_single fails, it should return immediately\ninstead of continuing doing the DMA operation which bases on invalid\naddress.\n\nThis fixes the following crash which occurs in reading a big block\nfrom flash:\n\n[ 123.633577] zynqmp-qspi ff0f0000.spi: swiotlb buffer is full (sz: 4194304 bytes), total 32768 (slots), used 0 (slots)\n[ 123.644230] zynqmp-qspi ff0f0000.spi: ERR:rxdma:memory not mapped\n[ 123.784625] Unable to handle kernel paging request at virtual address 00000000003fffc0\n[ 123.792536] Mem abort info:\n[ 123.795313] ESR = 0x96000145\n[ 123.798351] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 123.803655] SET = 0, FnV = 0\n[ 123.806693] EA = 0, S1PTW = 0\n[ 123.809818] Data abort info:\n[ 123.812683] ISV = 0, ISS = 0x00000145\n[ 123.816503] CM = 1, WnR = 1\n[ 123.819455] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000805047000\n[ 123.825887] [00000000003fffc0] pgd=0000000803b45003, p4d=0000000803b45003, pud=0000000000000000\n[ 123.834586] Internal error: Oops: 96000145 [#1] PREEMPT SMP",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47047",
"url": "https://www.suse.com/security/cve/CVE-2021-47047"
},
{
"category": "external",
"summary": "SUSE Bug 1220761 for CVE-2021-47047",
"url": "https://bugzilla.suse.com/1220761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47047"
},
{
"cve": "CVE-2021-47184",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47184"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix NULL ptr dereference on VSI filter sync\n\nRemove the reason of null pointer dereference in sync VSI filters.\nAdded new I40E_VSI_RELEASING flag to signalize deleting and releasing\nof VSI resources to sync this thread with sync filters subtask.\nWithout this patch it is possible to start update the VSI filter list\nafter VSI is removed, that\u0027s causing a kernel oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47184",
"url": "https://www.suse.com/security/cve/CVE-2021-47184"
},
{
"category": "external",
"summary": "SUSE Bug 1222666 for CVE-2021-47184",
"url": "https://bugzilla.suse.com/1222666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47184"
},
{
"cve": "CVE-2021-47185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: tty_buffer: Fix the softlockup issue in flush_to_ldisc\n\nWhen running ltp testcase(ltp/testcases/kernel/pty/pty04.c) with arm64, there is a soft lockup,\nwhich look like this one:\n\n Workqueue: events_unbound flush_to_ldisc\n Call trace:\n dump_backtrace+0x0/0x1ec\n show_stack+0x24/0x30\n dump_stack+0xd0/0x128\n panic+0x15c/0x374\n watchdog_timer_fn+0x2b8/0x304\n __run_hrtimer+0x88/0x2c0\n __hrtimer_run_queues+0xa4/0x120\n hrtimer_interrupt+0xfc/0x270\n arch_timer_handler_phys+0x40/0x50\n handle_percpu_devid_irq+0x94/0x220\n __handle_domain_irq+0x88/0xf0\n gic_handle_irq+0x84/0xfc\n el1_irq+0xc8/0x180\n slip_unesc+0x80/0x214 [slip]\n tty_ldisc_receive_buf+0x64/0x80\n tty_port_default_receive_buf+0x50/0x90\n flush_to_ldisc+0xbc/0x110\n process_one_work+0x1d4/0x4b0\n worker_thread+0x180/0x430\n kthread+0x11c/0x120\n\nIn the testcase pty04, The first process call the write syscall to send\ndata to the pty master. At the same time, the workqueue will do the\nflush_to_ldisc to pop data in a loop until there is no more data left.\nWhen the sender and workqueue running in different core, the sender sends\ndata fastly in full time which will result in workqueue doing work in loop\nfor a long time and occuring softlockup in flush_to_ldisc with kernel\nconfigured without preempt. So I add need_resched check and cond_resched\nin the flush_to_ldisc loop to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47185",
"url": "https://www.suse.com/security/cve/CVE-2021-47185"
},
{
"category": "external",
"summary": "SUSE Bug 1222669 for CVE-2021-47185",
"url": "https://bugzilla.suse.com/1222669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47185"
},
{
"cve": "CVE-2021-47187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency\n\nThe entry/exit latency and minimum residency in state for the idle\nstates of MSM8998 were ..bad: first of all, for all of them the\ntimings were written for CPU sleep but the min-residency-us param\nwas miscalculated (supposedly, while porting this from downstream);\nThen, the power collapse states are setting PC on both the CPU\ncluster *and* the L2 cache, which have different timings: in the\nspecific case of L2 the times are higher so these ones should be\ntaken into account instead of the CPU ones.\n\nThis parameter misconfiguration was not giving particular issues\nbecause on MSM8998 there was no CPU scaling at all, so cluster/L2\npower collapse was rarely (if ever) hit.\nWhen CPU scaling is enabled, though, the wrong timings will produce\nSoC unstability shown to the user as random, apparently error-less,\nsudden reboots and/or lockups.\n\nThis set of parameters are stabilizing the SoC when CPU scaling is\nON and when power collapse is frequently hit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47187",
"url": "https://www.suse.com/security/cve/CVE-2021-47187"
},
{
"category": "external",
"summary": "SUSE Bug 1222703 for CVE-2021-47187",
"url": "https://bugzilla.suse.com/1222703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47187"
},
{
"cve": "CVE-2021-47188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Improve SCSI abort handling\n\nThe following has been observed on a test setup:\n\nWARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737 ufshcd_queuecommand+0x468/0x65c\nCall trace:\n ufshcd_queuecommand+0x468/0x65c\n scsi_send_eh_cmnd+0x224/0x6a0\n scsi_eh_test_devices+0x248/0x418\n scsi_eh_ready_devs+0xc34/0xe58\n scsi_error_handler+0x204/0x80c\n kthread+0x150/0x1b4\n ret_from_fork+0x10/0x30\n\nThat warning is triggered by the following statement:\n\n\tWARN_ON(lrbp-\u003ecmd);\n\nFix this warning by clearing lrbp-\u003ecmd from the abort handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47188",
"url": "https://www.suse.com/security/cve/CVE-2021-47188"
},
{
"category": "external",
"summary": "SUSE Bug 1222671 for CVE-2021-47188",
"url": "https://bugzilla.suse.com/1222671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47188"
},
{
"cve": "CVE-2021-47191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47191"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_readcap16()\n\nThe following warning was observed running syzkaller:\n\n[ 3813.830724] sg_write: data in/out 65466/242 bytes for SCSI command 0x9e-- guessing data in;\n[ 3813.830724] program syz-executor not setting count and/or reply_len properly\n[ 3813.836956] ==================================================================\n[ 3813.839465] BUG: KASAN: stack-out-of-bounds in sg_copy_buffer+0x157/0x1e0\n[ 3813.841773] Read of size 4096 at addr ffff8883cf80f540 by task syz-executor/1549\n[ 3813.846612] Call Trace:\n[ 3813.846995] dump_stack+0x108/0x15f\n[ 3813.847524] print_address_description+0xa5/0x372\n[ 3813.848243] kasan_report.cold+0x236/0x2a8\n[ 3813.849439] check_memory_region+0x240/0x270\n[ 3813.850094] memcpy+0x30/0x80\n[ 3813.850553] sg_copy_buffer+0x157/0x1e0\n[ 3813.853032] sg_copy_from_buffer+0x13/0x20\n[ 3813.853660] fill_from_dev_buffer+0x135/0x370\n[ 3813.854329] resp_readcap16+0x1ac/0x280\n[ 3813.856917] schedule_resp+0x41f/0x1630\n[ 3813.858203] scsi_debug_queuecommand+0xb32/0x17e0\n[ 3813.862699] scsi_dispatch_cmd+0x330/0x950\n[ 3813.863329] scsi_request_fn+0xd8e/0x1710\n[ 3813.863946] __blk_run_queue+0x10b/0x230\n[ 3813.864544] blk_execute_rq_nowait+0x1d8/0x400\n[ 3813.865220] sg_common_write.isra.0+0xe61/0x2420\n[ 3813.871637] sg_write+0x6c8/0xef0\n[ 3813.878853] __vfs_write+0xe4/0x800\n[ 3813.883487] vfs_write+0x17b/0x530\n[ 3813.884008] ksys_write+0x103/0x270\n[ 3813.886268] __x64_sys_write+0x77/0xc0\n[ 3813.886841] do_syscall_64+0x106/0x360\n[ 3813.887415] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nThis issue can be reproduced with the following syzkaller log:\n\nr0 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x26e1, 0x0)\nr1 = syz_open_procfs(0xffffffffffffffff, \u0026(0x7f0000000000)=\u0027fd/3\\x00\u0027)\nopen_by_handle_at(r1, \u0026(0x7f00000003c0)=ANY=[@ANYRESHEX], 0x602000)\nr2 = syz_open_dev$sg(\u0026(0x7f0000000000), 0x0, 0x40782)\nwrite$binfmt_aout(r2, \u0026(0x7f0000000340)=ANY=[@ANYBLOB=\"00000000deff000000000000000000000000000000000000000000000000000047f007af9e107a41ec395f1bded7be24277a1501ff6196a83366f4e6362bc0ff2b247f68a972989b094b2da4fb3607fcf611a22dd04310d28c75039d\"], 0x126)\n\nIn resp_readcap16() we get \"int alloc_len\" value -1104926854, and then pass\nthe huge arr_len to fill_from_dev_buffer(), but arr is only 32 bytes. This\nleads to OOB in sg_copy_buffer().\n\nTo solve this issue, define alloc_len as u32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47191",
"url": "https://www.suse.com/security/cve/CVE-2021-47191"
},
{
"category": "external",
"summary": "SUSE Bug 1222866 for CVE-2021-47191",
"url": "https://bugzilla.suse.com/1222866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47191"
},
{
"cve": "CVE-2021-47192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47192"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: sysfs: Fix hang when device state is set via sysfs\n\nThis fixes a regression added with:\n\ncommit f0f82e2476f6 (\"scsi: core: Fix capacity set to zero after\nofflinining device\")\n\nThe problem is that after iSCSI recovery, iscsid will call into the kernel\nto set the dev\u0027s state to running, and with that patch we now call\nscsi_rescan_device() with the state_mutex held. If the SCSI error handler\nthread is just starting to test the device in scsi_send_eh_cmnd() then it\u0027s\ngoing to try to grab the state_mutex.\n\nWe are then stuck, because when scsi_rescan_device() tries to send its I/O\nscsi_queue_rq() calls -\u003e scsi_host_queue_ready() -\u003e scsi_host_in_recovery()\nwhich will return true (the host state is still in recovery) and I/O will\njust be requeued. scsi_send_eh_cmnd() will then never be able to grab the\nstate_mutex to finish error handling.\n\nTo prevent the deadlock move the rescan-related code to after we drop the\nstate_mutex.\n\nThis also adds a check for if we are already in the running state. This\nprevents extra scans and helps the iscsid case where if the transport class\nhas already onlined the device during its recovery process then we don\u0027t\nneed userspace to do it again plus possibly block that daemon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47192",
"url": "https://www.suse.com/security/cve/CVE-2021-47192"
},
{
"category": "external",
"summary": "SUSE Bug 1222867 for CVE-2021-47192",
"url": "https://bugzilla.suse.com/1222867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47192"
},
{
"cve": "CVE-2021-47193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47193"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Fix memory leak during rmmod\n\nDriver failed to release all memory allocated. This would lead to memory\nleak during driver removal.\n\nProperly free memory when the module is removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47193",
"url": "https://www.suse.com/security/cve/CVE-2021-47193"
},
{
"category": "external",
"summary": "SUSE Bug 1222879 for CVE-2021-47193",
"url": "https://bugzilla.suse.com/1222879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47193"
},
{
"cve": "CVE-2021-47194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncfg80211: call cfg80211_stop_ap when switch from P2P_GO type\n\nIf the userspace tools switch from NL80211_IFTYPE_P2P_GO to\nNL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it\ndoes not call the cleanup cfg80211_stop_ap(), this leads to the\ninitialization of in-use data. For example, this path re-init the\nsdata-\u003eassigned_chanctx_list while it is still an element of\nassigned_vifs list, and makes that linked list corrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47194",
"url": "https://www.suse.com/security/cve/CVE-2021-47194"
},
{
"category": "external",
"summary": "SUSE Bug 1222829 for CVE-2021-47194",
"url": "https://bugzilla.suse.com/1222829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47194"
},
{
"cve": "CVE-2021-47195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47195"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix use-after-free of the add_lock mutex\n\nCommit 6098475d4cb4 (\"spi: Fix deadlock when adding SPI controllers on\nSPI buses\") introduced a per-controller mutex. But mutex_unlock() of\nsaid lock is called after the controller is already freed:\n\n spi_unregister_controller(ctlr)\n -\u003e put_device(\u0026ctlr-\u003edev)\n -\u003e spi_controller_release(dev)\n -\u003e mutex_unlock(\u0026ctrl-\u003eadd_lock)\n\nMove the put_device() after the mutex_unlock().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47195",
"url": "https://www.suse.com/security/cve/CVE-2021-47195"
},
{
"category": "external",
"summary": "SUSE Bug 1222832 for CVE-2021-47195",
"url": "https://bugzilla.suse.com/1222832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47195"
},
{
"cve": "CVE-2021-47196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47196"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Set send and receive CQ before forwarding to the driver\n\nPreset both receive and send CQ pointers prior to call to the drivers and\noverwrite it later again till the mlx4 is going to be changed do not\noverwrite ibqp properties.\n\nThis change is needed for mlx5, because in case of QP creation failure, it\nwill go to the path of QP destroy which relies on proper CQ pointers.\n\n BUG: KASAN: use-after-free in create_qp.cold+0x164/0x16e [mlx5_ib]\n Write of size 8 at addr ffff8880064c55c0 by task a.out/246\n\n CPU: 0 PID: 246 Comm: a.out Not tainted 5.15.0+ #291\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Call Trace:\n dump_stack_lvl+0x45/0x59\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x83/0xdf\n create_qp.cold+0x164/0x16e [mlx5_ib]\n mlx5_ib_create_qp+0x358/0x28a0 [mlx5_ib]\n create_qp.part.0+0x45b/0x6a0 [ib_core]\n ib_create_qp_user+0x97/0x150 [ib_core]\n ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs]\n ib_uverbs_ioctl+0x169/0x260 [ib_uverbs]\n __x64_sys_ioctl+0x866/0x14d0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Allocated by task 246:\n kasan_save_stack+0x1b/0x40\n __kasan_kmalloc+0xa4/0xd0\n create_qp.part.0+0x92/0x6a0 [ib_core]\n ib_create_qp_user+0x97/0x150 [ib_core]\n ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs]\n ib_uverbs_ioctl+0x169/0x260 [ib_uverbs]\n __x64_sys_ioctl+0x866/0x14d0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\n Freed by task 246:\n kasan_save_stack+0x1b/0x40\n kasan_set_track+0x1c/0x30\n kasan_set_free_info+0x20/0x30\n __kasan_slab_free+0x10c/0x150\n slab_free_freelist_hook+0xb4/0x1b0\n kfree+0xe7/0x2a0\n create_qp.part.0+0x52b/0x6a0 [ib_core]\n ib_create_qp_user+0x97/0x150 [ib_core]\n ib_uverbs_handler_UVERBS_METHOD_QP_CREATE+0x92c/0x1250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1c38/0x3150 [ib_uverbs]\n ib_uverbs_ioctl+0x169/0x260 [ib_uverbs]\n __x64_sys_ioctl+0x866/0x14d0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47196",
"url": "https://www.suse.com/security/cve/CVE-2021-47196"
},
{
"category": "external",
"summary": "SUSE Bug 1222773 for CVE-2021-47196",
"url": "https://bugzilla.suse.com/1222773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47196"
},
{
"cve": "CVE-2021-47197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: nullify cq-\u003edbg pointer in mlx5_debug_cq_remove()\n\nPrior to this patch in case mlx5_core_destroy_cq() failed it proceeds\nto rest of destroy operations. mlx5_core_destroy_cq() could be called again\nby user and cause additional call of mlx5_debug_cq_remove().\ncq-\u003edbg was not nullify in previous call and cause the crash.\n\nFix it by nullify cq-\u003edbg pointer after removal.\n\nAlso proceed to destroy operations only if FW return 0\nfor MLX5_CMD_OP_DESTROY_CQ command.\n\ngeneral protection fault, probably for non-canonical address 0x2000300004058: 0000 [#1] SMP PTI\nCPU: 5 PID: 1228 Comm: python Not tainted 5.15.0-rc5_for_upstream_min_debug_2021_10_14_11_06 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:lockref_get+0x1/0x60\nCode: 5d e9 53 ff ff ff 48 8d 7f 70 e8 0a 2e 48 00 c7 85 d0 00 00 00 02\n00 00 00 c6 45 70 00 fb 5d c3 c3 cc cc cc cc cc cc cc cc 53 \u003c48\u003e 8b 17\n48 89 fb 85 d2 75 3d 48 89 d0 bf 64 00 00 00 48 89 c1 48\nRSP: 0018:ffff888137dd7a38 EFLAGS: 00010206\nRAX: 0000000000000000 RBX: ffff888107d5f458 RCX: 00000000fffffffe\nRDX: 000000000002c2b0 RSI: ffffffff8155e2e0 RDI: 0002000300004058\nRBP: ffff888137dd7a88 R08: 0002000300004058 R09: ffff8881144a9f88\nR10: 0000000000000000 R11: 0000000000000000 R12: ffff8881141d4000\nR13: ffff888137dd7c68 R14: ffff888137dd7d58 R15: ffff888137dd7cc0\nFS: 00007f4644f2a4c0(0000) GS:ffff8887a2d40000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055b4500f4380 CR3: 0000000114f7a003 CR4: 0000000000170ea0\nCall Trace:\n simple_recursive_removal+0x33/0x2e0\n ? debugfs_remove+0x60/0x60\n debugfs_remove+0x40/0x60\n mlx5_debug_cq_remove+0x32/0x70 [mlx5_core]\n mlx5_core_destroy_cq+0x41/0x1d0 [mlx5_core]\n devx_obj_cleanup+0x151/0x330 [mlx5_ib]\n ? __pollwait+0xd0/0xd0\n ? xas_load+0x5/0x70\n ? xa_load+0x62/0xa0\n destroy_hw_idr_uobject+0x20/0x80 [ib_uverbs]\n uverbs_destroy_uobject+0x3b/0x360 [ib_uverbs]\n uobj_destroy+0x54/0xa0 [ib_uverbs]\n ib_uverbs_cmd_verbs+0xaf2/0x1160 [ib_uverbs]\n ? uverbs_finalize_object+0xd0/0xd0 [ib_uverbs]\n ib_uverbs_ioctl+0xc4/0x1b0 [ib_uverbs]\n __x64_sys_ioctl+0x3e4/0x8e0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47197",
"url": "https://www.suse.com/security/cve/CVE-2021-47197"
},
{
"category": "external",
"summary": "SUSE Bug 1222776 for CVE-2021-47197",
"url": "https://bugzilla.suse.com/1222776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47197"
},
{
"cve": "CVE-2021-47198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine\n\nAn error is detected with the following report when unloading the driver:\n \"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b\"\n\nThe NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg_fab_ctrl_node(), but the\nflag is not cleared upon completion of the login.\n\nThis allows a second call to lpfc_unreg_rpi() to proceed with nlp_rpi set\nto LPFC_RPI_ALLOW_ERROR. This results in a use after free access when used\nas an rpi_ids array index.\n\nFix by clearing the NLP_REG_LOGIN_SEND nlp_flag in\nlpfc_mbx_cmpl_fc_reg_login().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47198",
"url": "https://www.suse.com/security/cve/CVE-2021-47198"
},
{
"category": "external",
"summary": "SUSE Bug 1222883 for CVE-2021-47198",
"url": "https://bugzilla.suse.com/1222883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47198"
},
{
"cve": "CVE-2021-47199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47199"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: CT, Fix multiple allocations and memleak of mod acts\n\nCT clear action offload adds additional mod hdr actions to the\nflow\u0027s original mod actions in order to clear the registers which\nhold ct_state.\nWhen such flow also includes encap action, a neigh update event\ncan cause the driver to unoffload the flow and then reoffload it.\n\nEach time this happens, the ct clear handling adds that same set\nof mod hdr actions to reset ct_state until the max of mod hdr\nactions is reached.\n\nAlso the driver never releases the allocated mod hdr actions and\ncausing a memleak.\n\nFix above two issues by moving CT clear mod acts allocation\ninto the parsing actions phase and only use it when offloading the rule.\nThe release of mod acts will be done in the normal flow_put().\n\n backtrace:\n [\u003c000000007316e2f3\u003e] krealloc+0x83/0xd0\n [\u003c00000000ef157de1\u003e] mlx5e_mod_hdr_alloc+0x147/0x300 [mlx5_core]\n [\u003c00000000970ce4ae\u003e] mlx5e_tc_match_to_reg_set_and_get_id+0xd7/0x240 [mlx5_core]\n [\u003c0000000067c5fa17\u003e] mlx5e_tc_match_to_reg_set+0xa/0x20 [mlx5_core]\n [\u003c00000000d032eb98\u003e] mlx5_tc_ct_entry_set_registers.isra.0+0x36/0xc0 [mlx5_core]\n [\u003c00000000fd23b869\u003e] mlx5_tc_ct_flow_offload+0x272/0x1f10 [mlx5_core]\n [\u003c000000004fc24acc\u003e] mlx5e_tc_offload_fdb_rules.part.0+0x150/0x620 [mlx5_core]\n [\u003c00000000dc741c17\u003e] mlx5e_tc_encap_flows_add+0x489/0x690 [mlx5_core]\n [\u003c00000000e92e49d7\u003e] mlx5e_rep_update_flows+0x6e4/0x9b0 [mlx5_core]\n [\u003c00000000f60f5602\u003e] mlx5e_rep_neigh_update+0x39a/0x5d0 [mlx5_core]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47199",
"url": "https://www.suse.com/security/cve/CVE-2021-47199"
},
{
"category": "external",
"summary": "SUSE Bug 1222785 for CVE-2021-47199",
"url": "https://bugzilla.suse.com/1222785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47199"
},
{
"cve": "CVE-2021-47200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/prime: Fix use after free in mmap with drm_gem_ttm_mmap\n\ndrm_gem_ttm_mmap() drops a reference to the gem object on success. If\nthe gem object\u0027s refcount == 1 on entry to drm_gem_prime_mmap(), that\ndrop will free the gem object, and the subsequent drm_gem_object_get()\nwill be a UAF. Fix by grabbing a reference before calling the mmap\nhelper.\n\nThis issue was forseen when the reference dropping was adding in\ncommit 9786b65bc61ac (\"drm/ttm: fix mmap refcounting\"):\n \"For that to work properly the drm_gem_object_get() call in\n drm_gem_ttm_mmap() must be moved so it happens before calling\n obj-\u003efuncs-\u003emmap(), otherwise the gem refcount would go down\n to zero.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47200",
"url": "https://www.suse.com/security/cve/CVE-2021-47200"
},
{
"category": "external",
"summary": "SUSE Bug 1222838 for CVE-2021-47200",
"url": "https://bugzilla.suse.com/1222838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47200"
},
{
"cve": "CVE-2021-47201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: free q_vectors before queues in iavf_disable_vf\n\niavf_free_queues() clears adapter-\u003enum_active_queues, which\niavf_free_q_vectors() relies on, so swap the order of these two function\ncalls in iavf_disable_vf(). This resolves a panic encountered when the\ninterface is disabled and then later brought up again after PF\ncommunication is restored.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47201",
"url": "https://www.suse.com/security/cve/CVE-2021-47201"
},
{
"category": "external",
"summary": "SUSE Bug 1222792 for CVE-2021-47201",
"url": "https://bugzilla.suse.com/1222792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47201"
},
{
"cve": "CVE-2021-47202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: Fix NULL pointer dereferences in of_thermal_ functions\n\nof_parse_thermal_zones() parses the thermal-zones node and registers a\nthermal_zone device for each subnode. However, if a thermal zone is\nconsuming a thermal sensor and that thermal sensor device hasn\u0027t probed\nyet, an attempt to set trip_point_*_temp for that thermal zone device\ncan cause a NULL pointer dereference. Fix it.\n\n console:/sys/class/thermal/thermal_zone87 # echo 120000 \u003e trip_point_0_temp\n ...\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ...\n Call trace:\n of_thermal_set_trip_temp+0x40/0xc4\n trip_point_temp_store+0xc0/0x1dc\n dev_attr_store+0x38/0x88\n sysfs_kf_write+0x64/0xc0\n kernfs_fop_write_iter+0x108/0x1d0\n vfs_write+0x2f4/0x368\n ksys_write+0x7c/0xec\n __arm64_sys_write+0x20/0x30\n el0_svc_common.llvm.7279915941325364641+0xbc/0x1bc\n do_el0_svc+0x28/0xa0\n el0_svc+0x14/0x24\n el0_sync_handler+0x88/0xec\n el0_sync+0x1c0/0x200\n\nWhile at it, fix the possible NULL pointer dereference in other\nfunctions as well: of_thermal_get_temp(), of_thermal_set_emul_temp(),\nof_thermal_get_trend().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47202",
"url": "https://www.suse.com/security/cve/CVE-2021-47202"
},
{
"category": "external",
"summary": "SUSE Bug 1222878 for CVE-2021-47202",
"url": "https://bugzilla.suse.com/1222878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47202"
},
{
"cve": "CVE-2021-47203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()\n\nWhen parsing the txq list in lpfc_drain_txq(), the driver attempts to pass\nthe requests to the adapter. If such an attempt fails, a local \"fail_msg\"\nstring is set and a log message output. The job is then added to a\ncompletions list for cancellation.\n\nProcessing of any further jobs from the txq list continues, but since\n\"fail_msg\" remains set, jobs are added to the completions list regardless\nof whether a wqe was passed to the adapter. If successfully added to\ntxcmplq, jobs are added to both lists resulting in list corruption.\n\nFix by clearing the fail_msg string after adding a job to the completions\nlist. This stops the subsequent jobs from being added to the completions\nlist unless they had an appropriate failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47203",
"url": "https://www.suse.com/security/cve/CVE-2021-47203"
},
{
"category": "external",
"summary": "SUSE Bug 1222881 for CVE-2021-47203",
"url": "https://bugzilla.suse.com/1222881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47203"
},
{
"cve": "CVE-2021-47204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dpaa2-eth: fix use-after-free in dpaa2_eth_remove\n\nAccess to netdev after free_netdev() will cause use-after-free bug.\nMove debug log before free_netdev() call to avoid it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47204",
"url": "https://www.suse.com/security/cve/CVE-2021-47204"
},
{
"category": "external",
"summary": "SUSE Bug 1222787 for CVE-2021-47204",
"url": "https://bugzilla.suse.com/1222787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47204"
},
{
"cve": "CVE-2021-47205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: Unregister clocks/resets when unbinding\n\nCurrently, unbinding a CCU driver unmaps the device\u0027s MMIO region, while\nleaving its clocks/resets and their providers registered. This can cause\na page fault later when some clock operation tries to perform MMIO. Fix\nthis by separating the CCU initialization from the memory allocation,\nand then using a devres callback to unregister the clocks and resets.\n\nThis also fixes a memory leak of the `struct ccu_reset`, and uses the\ncorrect owner (the specific platform driver) for the clocks and resets.\n\nEarly OF clock providers are never unregistered, and limited error\nhandling is possible, so they are mostly unchanged. The error reporting\nis made more consistent by moving the message inside of_sunxi_ccu_probe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47205",
"url": "https://www.suse.com/security/cve/CVE-2021-47205"
},
{
"category": "external",
"summary": "SUSE Bug 1222888 for CVE-2021-47205",
"url": "https://bugzilla.suse.com/1222888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47205"
},
{
"cve": "CVE-2021-47206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-tmio: check return value after calling platform_get_resource()\n\nIt will cause null-ptr-deref if platform_get_resource() returns NULL,\nwe need check the return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47206",
"url": "https://www.suse.com/security/cve/CVE-2021-47206"
},
{
"category": "external",
"summary": "SUSE Bug 1222894 for CVE-2021-47206",
"url": "https://bugzilla.suse.com/1222894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47206"
},
{
"cve": "CVE-2021-47207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: gus: fix null pointer dereference on pointer block\n\nThe pointer block return from snd_gf1_dma_next_block could be\nnull, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47207",
"url": "https://www.suse.com/security/cve/CVE-2021-47207"
},
{
"category": "external",
"summary": "SUSE Bug 1222790 for CVE-2021-47207",
"url": "https://bugzilla.suse.com/1222790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47207"
},
{
"cve": "CVE-2021-47209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Prevent dead task groups from regaining cfs_rq\u0027s\n\nKevin is reporting crashes which point to a use-after-free of a cfs_rq\nin update_blocked_averages(). Initial debugging revealed that we\u0027ve\nlive cfs_rq\u0027s (on_list=1) in an about to be kfree()\u0027d task group in\nfree_fair_sched_group(). However, it was unclear how that can happen.\n\nHis kernel config happened to lead to a layout of struct sched_entity\nthat put the \u0027my_q\u0027 member directly into the middle of the object\nwhich makes it incidentally overlap with SLUB\u0027s freelist pointer.\nThat, in combination with SLAB_FREELIST_HARDENED\u0027s freelist pointer\nmangling, leads to a reliable access violation in form of a #GP which\nmade the UAF fail fast.\n\nMichal seems to have run into the same issue[1]. He already correctly\ndiagnosed that commit a7b359fc6a37 (\"sched/fair: Correctly insert\ncfs_rq\u0027s to list on unthrottle\") is causing the preconditions for the\nUAF to happen by re-adding cfs_rq\u0027s also to task groups that have no\nmore running tasks, i.e. also to dead ones. His analysis, however,\nmisses the real root cause and it cannot be seen from the crash\nbacktrace only, as the real offender is tg_unthrottle_up() getting\ncalled via sched_cfs_period_timer() via the timer interrupt at an\ninconvenient time.\n\nWhen unregister_fair_sched_group() unlinks all cfs_rq\u0027s from the dying\ntask group, it doesn\u0027t protect itself from getting interrupted. If the\ntimer interrupt triggers while we iterate over all CPUs or after\nunregister_fair_sched_group() has finished but prior to unlinking the\ntask group, sched_cfs_period_timer() will execute and walk the list of\ntask groups, trying to unthrottle cfs_rq\u0027s, i.e. re-add them to the\ndying task group. These will later -- in free_fair_sched_group() -- be\nkfree()\u0027ed while still being linked, leading to the fireworks Kevin\nand Michal are seeing.\n\nTo fix this race, ensure the dying task group gets unlinked first.\nHowever, simply switching the order of unregistering and unlinking the\ntask group isn\u0027t sufficient, as concurrent RCU walkers might still see\nit, as can be seen below:\n\n CPU1: CPU2:\n : timer IRQ:\n : do_sched_cfs_period_timer():\n : :\n : distribute_cfs_runtime():\n : rcu_read_lock();\n : :\n : unthrottle_cfs_rq():\n sched_offline_group(): :\n : walk_tg_tree_from(\u2026,tg_unthrottle_up,\u2026):\n list_del_rcu(\u0026tg-\u003elist); :\n (1) : list_for_each_entry_rcu(child, \u0026parent-\u003echildren, siblings)\n : :\n (2) list_del_rcu(\u0026tg-\u003esiblings); :\n : tg_unthrottle_up():\n unregister_fair_sched_group(): struct cfs_rq *cfs_rq = tg-\u003ecfs_rq[cpu_of(rq)];\n : :\n list_del_leaf_cfs_rq(tg-\u003ecfs_rq[cpu]); :\n : :\n : if (!cfs_rq_is_decayed(cfs_rq) || cfs_rq-\u003enr_running)\n (3) : list_add_leaf_cfs_rq(cfs_rq);\n : :\n : :\n : :\n : :\n : \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47209",
"url": "https://www.suse.com/security/cve/CVE-2021-47209"
},
{
"category": "external",
"summary": "SUSE Bug 1222796 for CVE-2021-47209",
"url": "https://bugzilla.suse.com/1222796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47209"
},
{
"cve": "CVE-2021-47210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tipd: Remove WARN_ON in tps6598x_block_read\n\nCalling tps6598x_block_read with a higher than allowed len can be\nhandled by just returning an error. There\u0027s no need to crash systems\nwith panic-on-warn enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47210",
"url": "https://www.suse.com/security/cve/CVE-2021-47210"
},
{
"category": "external",
"summary": "SUSE Bug 1222901 for CVE-2021-47210",
"url": "https://bugzilla.suse.com/1222901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47210"
},
{
"cve": "CVE-2021-47211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: fix null pointer dereference on pointer cs_desc\n\nThe pointer cs_desc return from snd_usb_find_clock_source could\nbe null, so there is a potential null pointer dereference issue.\nFix this by adding a null check before dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47211",
"url": "https://www.suse.com/security/cve/CVE-2021-47211"
},
{
"category": "external",
"summary": "SUSE Bug 1222869 for CVE-2021-47211",
"url": "https://bugzilla.suse.com/1222869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47211"
},
{
"cve": "CVE-2021-47212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Update error handler for UCTX and UMEM\n\nIn the fast unload flow, the device state is set to internal error,\nwhich indicates that the driver started the destroy process.\nIn this case, when a destroy command is being executed, it should return\nMLX5_CMD_STAT_OK.\nFix MLX5_CMD_OP_DESTROY_UCTX and MLX5_CMD_OP_DESTROY_UMEM to return OK\ninstead of EIO.\n\nThis fixes a call trace in the umem release process -\n[ 2633.536695] Call Trace:\n[ 2633.537518] ib_uverbs_remove_one+0xc3/0x140 [ib_uverbs]\n[ 2633.538596] remove_client_context+0x8b/0xd0 [ib_core]\n[ 2633.539641] disable_device+0x8c/0x130 [ib_core]\n[ 2633.540615] __ib_unregister_device+0x35/0xa0 [ib_core]\n[ 2633.541640] ib_unregister_device+0x21/0x30 [ib_core]\n[ 2633.542663] __mlx5_ib_remove+0x38/0x90 [mlx5_ib]\n[ 2633.543640] auxiliary_bus_remove+0x1e/0x30 [auxiliary]\n[ 2633.544661] device_release_driver_internal+0x103/0x1f0\n[ 2633.545679] bus_remove_device+0xf7/0x170\n[ 2633.546640] device_del+0x181/0x410\n[ 2633.547606] mlx5_rescan_drivers_locked.part.10+0x63/0x160 [mlx5_core]\n[ 2633.548777] mlx5_unregister_device+0x27/0x40 [mlx5_core]\n[ 2633.549841] mlx5_uninit_one+0x21/0xc0 [mlx5_core]\n[ 2633.550864] remove_one+0x69/0xe0 [mlx5_core]\n[ 2633.551819] pci_device_remove+0x3b/0xc0\n[ 2633.552731] device_release_driver_internal+0x103/0x1f0\n[ 2633.553746] unbind_store+0xf6/0x130\n[ 2633.554657] kernfs_fop_write+0x116/0x190\n[ 2633.555567] vfs_write+0xa5/0x1a0\n[ 2633.556407] ksys_write+0x4f/0xb0\n[ 2633.557233] do_syscall_64+0x5b/0x1a0\n[ 2633.558071] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 2633.559018] RIP: 0033:0x7f9977132648\n[ 2633.559821] Code: 89 02 48 c7 c0 ff ff ff ff eb b3 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 55 6f 2d 00 8b 00 85 c0 75 17 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 49 89 d4 55\n[ 2633.562332] RSP: 002b:00007fffb1a83888 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 2633.563472] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f9977132648\n[ 2633.564541] RDX: 000000000000000c RSI: 000055b90546e230 RDI: 0000000000000001\n[ 2633.565596] RBP: 000055b90546e230 R08: 00007f9977406860 R09: 00007f9977a54740\n[ 2633.566653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f99774056e0\n[ 2633.567692] R13: 000000000000000c R14: 00007f9977400880 R15: 000000000000000c\n[ 2633.568725] ---[ end trace 10b4fe52945e544d ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47212",
"url": "https://www.suse.com/security/cve/CVE-2021-47212"
},
{
"category": "external",
"summary": "SUSE Bug 1222709 for CVE-2021-47212",
"url": "https://bugzilla.suse.com/1222709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47212"
},
{
"cve": "CVE-2021-47214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47214"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhugetlb, userfaultfd: fix reservation restore on userfaultfd error\n\nCurrently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we\nbail out using \"goto out_release_unlock;\" in the cases where idx \u003e=\nsize, or !huge_pte_none(), the code will detect that new_pagecache_page\n== false, and so call restore_reserve_on_error(). In this case I see\nrestore_reserve_on_error() delete the reservation, and the following\ncall to remove_inode_hugepages() will increment h-\u003eresv_hugepages\ncausing a 100% reproducible leak.\n\nWe should treat the is_continue case similar to adding a page into the\npagecache and set new_pagecache_page to true, to indicate that there is\nno reservation to restore on the error path, and we need not call\nrestore_reserve_on_error(). Rename new_pagecache_page to\npage_in_pagecache to make that clear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47214",
"url": "https://www.suse.com/security/cve/CVE-2021-47214"
},
{
"category": "external",
"summary": "SUSE Bug 1222710 for CVE-2021-47214",
"url": "https://bugzilla.suse.com/1222710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47214"
},
{
"cve": "CVE-2021-47215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: kTLS, Fix crash in RX resync flow\n\nFor the TLS RX resync flow, we maintain a list of TLS contexts\nthat require some attention, to communicate their resync information\nto the HW.\nHere we fix list corruptions, by protecting the entries against\nmovements coming from resync_handle_seq_match(), until their resync\nhandling in napi is fully completed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47215",
"url": "https://www.suse.com/security/cve/CVE-2021-47215"
},
{
"category": "external",
"summary": "SUSE Bug 1222704 for CVE-2021-47215",
"url": "https://bugzilla.suse.com/1222704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47215"
},
{
"cve": "CVE-2021-47216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: advansys: Fix kernel pointer leak\n\nPointers should be printed with %p or %px rather than cast to \u0027unsigned\nlong\u0027 and printed with %lx.\n\nChange %lx to %p to print the hashed pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47216",
"url": "https://www.suse.com/security/cve/CVE-2021-47216"
},
{
"category": "external",
"summary": "SUSE Bug 1222876 for CVE-2021-47216",
"url": "https://bugzilla.suse.com/1222876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47216"
},
{
"cve": "CVE-2021-47217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47217"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails\n\nCheck for a valid hv_vp_index array prior to derefencing hv_vp_index when\nsetting Hyper-V\u0027s TSC change callback. If Hyper-V setup failed in\nhyperv_init(), the kernel will still report that it\u0027s running under\nHyper-V, but will have silently disabled nearly all functionality.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 4 PID: 1 Comm: swapper/0 Not tainted 5.15.0-rc2+ #75\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:set_hv_tscchange_cb+0x15/0xa0\n Code: \u003c8b\u003e 04 82 8b 15 12 17 85 01 48 c1 e0 20 48 0d ee 00 01 00 f6 c6 08\n ...\n Call Trace:\n kvm_arch_init+0x17c/0x280\n kvm_init+0x31/0x330\n vmx_init+0xba/0x13a\n do_one_initcall+0x41/0x1c0\n kernel_init_freeable+0x1f2/0x23b\n kernel_init+0x16/0x120\n ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47217",
"url": "https://www.suse.com/security/cve/CVE-2021-47217"
},
{
"category": "external",
"summary": "SUSE Bug 1222836 for CVE-2021-47217",
"url": "https://bugzilla.suse.com/1222836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47217"
},
{
"cve": "CVE-2021-47218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix NULL-pointer dereference when hashtab allocation fails\n\nWhen the hash table slot array allocation fails in hashtab_init(),\nh-\u003esize is left initialized with a non-zero value, but the h-\u003ehtable\npointer is NULL. This may then cause a NULL pointer dereference, since\nthe policydb code relies on the assumption that even after a failed\nhashtab_init(), hashtab_map() and hashtab_destroy() can be safely called\non it. Yet, these detect an empty hashtab only by looking at the size.\n\nFix this by making sure that hashtab_init() always leaves behind a valid\nempty hashtab when the allocation fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47218",
"url": "https://www.suse.com/security/cve/CVE-2021-47218"
},
{
"category": "external",
"summary": "SUSE Bug 1222791 for CVE-2021-47218",
"url": "https://bugzilla.suse.com/1222791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47218"
},
{
"cve": "CVE-2021-47219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47219"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()\n\nThe following issue was observed running syzkaller:\n\nBUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline]\nBUG: KASAN: slab-out-of-bounds in sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\nRead of size 2132 at addr ffff8880aea95dc8 by task syz-executor.0/9815\n\nCPU: 0 PID: 9815 Comm: syz-executor.0 Not tainted 4.19.202-00874-gfc0fe04215a9 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xe4/0x14a lib/dump_stack.c:118\n print_address_description+0x73/0x280 mm/kasan/report.c:253\n kasan_report_error mm/kasan/report.c:352 [inline]\n kasan_report+0x272/0x370 mm/kasan/report.c:410\n memcpy+0x1f/0x50 mm/kasan/kasan.c:302\n memcpy include/linux/string.h:377 [inline]\n sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\n fill_from_dev_buffer+0x14f/0x340 drivers/scsi/scsi_debug.c:1021\n resp_report_tgtpgs+0x5aa/0x770 drivers/scsi/scsi_debug.c:1772\n schedule_resp+0x464/0x12f0 drivers/scsi/scsi_debug.c:4429\n scsi_debug_queuecommand+0x467/0x1390 drivers/scsi/scsi_debug.c:5835\n scsi_dispatch_cmd+0x3fc/0x9b0 drivers/scsi/scsi_lib.c:1896\n scsi_request_fn+0x1042/0x1810 drivers/scsi/scsi_lib.c:2034\n __blk_run_queue_uncond block/blk-core.c:464 [inline]\n __blk_run_queue+0x1a4/0x380 block/blk-core.c:484\n blk_execute_rq_nowait+0x1c2/0x2d0 block/blk-exec.c:78\n sg_common_write.isra.19+0xd74/0x1dc0 drivers/scsi/sg.c:847\n sg_write.part.23+0x6e0/0xd00 drivers/scsi/sg.c:716\n sg_write+0x64/0xa0 drivers/scsi/sg.c:622\n __vfs_write+0xed/0x690 fs/read_write.c:485\nkill_bdev:block_device:00000000e138492c\n vfs_write+0x184/0x4c0 fs/read_write.c:549\n ksys_write+0x107/0x240 fs/read_write.c:599\n do_syscall_64+0xc2/0x560 arch/x86/entry/common.c:293\n entry_SYSCALL_64_after_hwframe+0x49/0xbe\n\nWe get \u0027alen\u0027 from command its type is int. If userspace passes a large\nlength we will get a negative \u0027alen\u0027.\n\nSwitch n, alen, and rlen to u32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47219",
"url": "https://www.suse.com/security/cve/CVE-2021-47219"
},
{
"category": "external",
"summary": "SUSE Bug 1222824 for CVE-2021-47219",
"url": "https://bugzilla.suse.com/1222824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47219"
},
{
"cve": "CVE-2022-48631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bug in extents parsing when eh_entries == 0 and eh_depth \u003e 0\n\nWhen walking through an inode extents, the ext4_ext_binsearch_idx() function\nassumes that the extent header has been previously validated. However, there\nare no checks that verify that the number of entries (eh-\u003eeh_entries) is\nnon-zero when depth is \u003e 0. And this will lead to problems because the\nEXT_FIRST_INDEX() and EXT_LAST_INDEX() will return garbage and result in this:\n\n[ 135.245946] ------------[ cut here ]------------\n[ 135.247579] kernel BUG at fs/ext4/extents.c:2258!\n[ 135.249045] invalid opcode: 0000 [#1] PREEMPT SMP\n[ 135.250320] CPU: 2 PID: 238 Comm: tmp118 Not tainted 5.19.0-rc8+ #4\n[ 135.252067] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b-rebuilt.opensuse.org 04/01/2014\n[ 135.255065] RIP: 0010:ext4_ext_map_blocks+0xc20/0xcb0\n[ 135.256475] Code:\n[ 135.261433] RSP: 0018:ffffc900005939f8 EFLAGS: 00010246\n[ 135.262847] RAX: 0000000000000024 RBX: ffffc90000593b70 RCX: 0000000000000023\n[ 135.264765] RDX: ffff8880038e5f10 RSI: 0000000000000003 RDI: ffff8880046e922c\n[ 135.266670] RBP: ffff8880046e9348 R08: 0000000000000001 R09: ffff888002ca580c\n[ 135.268576] R10: 0000000000002602 R11: 0000000000000000 R12: 0000000000000024\n[ 135.270477] R13: 0000000000000000 R14: 0000000000000024 R15: 0000000000000000\n[ 135.272394] FS: 00007fdabdc56740(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000\n[ 135.274510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 135.276075] CR2: 00007ffc26bd4f00 CR3: 0000000006261004 CR4: 0000000000170ea0\n[ 135.277952] Call Trace:\n[ 135.278635] \u003cTASK\u003e\n[ 135.279247] ? preempt_count_add+0x6d/0xa0\n[ 135.280358] ? percpu_counter_add_batch+0x55/0xb0\n[ 135.281612] ? _raw_read_unlock+0x18/0x30\n[ 135.282704] ext4_map_blocks+0x294/0x5a0\n[ 135.283745] ? xa_load+0x6f/0xa0\n[ 135.284562] ext4_mpage_readpages+0x3d6/0x770\n[ 135.285646] read_pages+0x67/0x1d0\n[ 135.286492] ? folio_add_lru+0x51/0x80\n[ 135.287441] page_cache_ra_unbounded+0x124/0x170\n[ 135.288510] filemap_get_pages+0x23d/0x5a0\n[ 135.289457] ? path_openat+0xa72/0xdd0\n[ 135.290332] filemap_read+0xbf/0x300\n[ 135.291158] ? _raw_spin_lock_irqsave+0x17/0x40\n[ 135.292192] new_sync_read+0x103/0x170\n[ 135.293014] vfs_read+0x15d/0x180\n[ 135.293745] ksys_read+0xa1/0xe0\n[ 135.294461] do_syscall_64+0x3c/0x80\n[ 135.295284] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThis patch simply adds an extra check in __ext4_ext_check(), verifying that\neh_entries is not 0 when eh_depth is \u003e 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48631",
"url": "https://www.suse.com/security/cve/CVE-2022-48631"
},
{
"category": "external",
"summary": "SUSE Bug 1223475 for CVE-2022-48631",
"url": "https://bugzilla.suse.com/1223475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48631"
},
{
"cve": "CVE-2022-48632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while \u0027operation-\u003elength\u0027 upper bound\nis not checked and \u0027data_idx\u0027 also increments.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48632",
"url": "https://www.suse.com/security/cve/CVE-2022-48632"
},
{
"category": "external",
"summary": "SUSE Bug 1223481 for CVE-2022-48632",
"url": "https://bugzilla.suse.com/1223481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48632"
},
{
"cve": "CVE-2022-48634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: Fix BUG: sleeping function called from invalid context errors\n\ngma_crtc_page_flip() was holding the event_lock spinlock while calling\ncrtc_funcs-\u003emode_set_base() which takes ww_mutex.\n\nThe only reason to hold event_lock is to clear gma_crtc-\u003epage_flip_event\non mode_set_base() errors.\n\nInstead unlock it after setting gma_crtc-\u003epage_flip_event and on\nerrors re-take the lock and clear gma_crtc-\u003epage_flip_event it\nit is still set.\n\nThis fixes the following WARN/stacktrace:\n\n[ 512.122953] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:870\n[ 512.123004] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1253, name: gnome-shell\n[ 512.123031] preempt_count: 1, expected: 0\n[ 512.123048] RCU nest depth: 0, expected: 0\n[ 512.123066] INFO: lockdep is turned off.\n[ 512.123080] irq event stamp: 0\n[ 512.123094] hardirqs last enabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 512.123134] hardirqs last disabled at (0): [\u003cffffffff8d0ec28c\u003e] copy_process+0x9fc/0x1de0\n[ 512.123176] softirqs last enabled at (0): [\u003cffffffff8d0ec28c\u003e] copy_process+0x9fc/0x1de0\n[ 512.123207] softirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n[ 512.123233] Preemption disabled at:\n[ 512.123241] [\u003c0000000000000000\u003e] 0x0\n[ 512.123275] CPU: 3 PID: 1253 Comm: gnome-shell Tainted: G W 5.19.0+ #1\n[ 512.123304] Hardware name: Packard Bell dot s/SJE01_CT, BIOS V1.10 07/23/2013\n[ 512.123323] Call Trace:\n[ 512.123346] \u003cTASK\u003e\n[ 512.123370] dump_stack_lvl+0x5b/0x77\n[ 512.123412] __might_resched.cold+0xff/0x13a\n[ 512.123458] ww_mutex_lock+0x1e/0xa0\n[ 512.123495] psb_gem_pin+0x2c/0x150 [gma500_gfx]\n[ 512.123601] gma_pipe_set_base+0x76/0x240 [gma500_gfx]\n[ 512.123708] gma_crtc_page_flip+0x95/0x130 [gma500_gfx]\n[ 512.123808] drm_mode_page_flip_ioctl+0x57d/0x5d0\n[ 512.123897] ? drm_mode_cursor2_ioctl+0x10/0x10\n[ 512.123936] drm_ioctl_kernel+0xa1/0x150\n[ 512.123984] drm_ioctl+0x21f/0x420\n[ 512.124025] ? drm_mode_cursor2_ioctl+0x10/0x10\n[ 512.124070] ? rcu_read_lock_bh_held+0xb/0x60\n[ 512.124104] ? lock_release+0x1ef/0x2d0\n[ 512.124161] __x64_sys_ioctl+0x8d/0xd0\n[ 512.124203] do_syscall_64+0x58/0x80\n[ 512.124239] ? do_syscall_64+0x67/0x80\n[ 512.124267] ? trace_hardirqs_on_prepare+0x55/0xe0\n[ 512.124300] ? do_syscall_64+0x67/0x80\n[ 512.124340] ? rcu_read_lock_sched_held+0x10/0x80\n[ 512.124377] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 512.124411] RIP: 0033:0x7fcc4a70740f\n[ 512.124442] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 \u003c89\u003e c2 3d 00 f0 ff ff 77 18 48 8b 44 24 18 64 48 2b 04 25 28 00 00\n[ 512.124470] RSP: 002b:00007ffda73f5390 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 512.124503] RAX: ffffffffffffffda RBX: 000055cc9e474500 RCX: 00007fcc4a70740f\n[ 512.124524] RDX: 00007ffda73f5420 RSI: 00000000c01864b0 RDI: 0000000000000009\n[ 512.124544] RBP: 00007ffda73f5420 R08: 000055cc9c0b0cb0 R09: 0000000000000034\n[ 512.124564] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000c01864b0\n[ 512.124584] R13: 0000000000000009 R14: 000055cc9df484d0 R15: 000055cc9af5d0c0\n[ 512.124647] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48634",
"url": "https://www.suse.com/security/cve/CVE-2022-48634"
},
{
"category": "external",
"summary": "SUSE Bug 1223501 for CVE-2022-48634",
"url": "https://bugzilla.suse.com/1223501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48634"
},
{
"cve": "CVE-2022-48636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup\n\nFix Oops in dasd_alias_get_start_dev() function caused by the pavgroup\npointer being NULL.\n\nThe pavgroup pointer is checked on the entrance of the function but\nwithout the lcu-\u003elock being held. Therefore there is a race window\nbetween dasd_alias_get_start_dev() and _lcu_update() which sets\npavgroup to NULL with the lcu-\u003elock held.\n\nFix by checking the pavgroup pointer with lcu-\u003elock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48636",
"url": "https://www.suse.com/security/cve/CVE-2022-48636"
},
{
"category": "external",
"summary": "SUSE Bug 1223512 for CVE-2022-48636",
"url": "https://bugzilla.suse.com/1223512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48636"
},
{
"cve": "CVE-2022-48637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt: prevent skb UAF after handing over to PTP worker\n\nWhen reading the timestamp is required bnxt_tx_int() hands\nover the ownership of the completed skb to the PTP worker.\nThe skb should not be used afterwards, as the worker may\nrun before the rest of our code and free the skb, leading\nto a use-after-free.\n\nSince dev_kfree_skb_any() accepts NULL make the loss of\nownership more obvious and set skb to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48637",
"url": "https://www.suse.com/security/cve/CVE-2022-48637"
},
{
"category": "external",
"summary": "SUSE Bug 1223517 for CVE-2022-48637",
"url": "https://bugzilla.suse.com/1223517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48637"
},
{
"cve": "CVE-2022-48638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: cgroup_get_from_id() must check the looked-up kn is a directory\n\ncgroup has to be one kernfs dir, otherwise kernel panic is caused,\nespecially cgroup id is provide from userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48638",
"url": "https://www.suse.com/security/cve/CVE-2022-48638"
},
{
"category": "external",
"summary": "SUSE Bug 1223522 for CVE-2022-48638",
"url": "https://bugzilla.suse.com/1223522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48638"
},
{
"cve": "CVE-2022-48639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix possible refcount leak in tc_new_tfilter()\n\ntfilter_put need to be called to put the refount got by tp-\u003eops-\u003eget to\navoid possible refcount leak when chain-\u003etmplt_ops != NULL and\nchain-\u003etmplt_ops != tp-\u003eops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48639",
"url": "https://www.suse.com/security/cve/CVE-2022-48639"
},
{
"category": "external",
"summary": "SUSE Bug 1223490 for CVE-2022-48639",
"url": "https://bugzilla.suse.com/1223490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48639"
},
{
"cve": "CVE-2022-48640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix NULL deref in bond_rr_gen_slave_id\n\nFix a NULL dereference of the struct bonding.rr_tx_counter member because\nif a bond is initially created with an initial mode != zero (Round Robin)\nthe memory required for the counter is never created and when the mode is\nchanged there is never any attempt to verify the memory is allocated upon\nswitching modes.\n\nThis causes the following Oops on an aarch64 machine:\n [ 334.686773] Unable to handle kernel paging request at virtual address ffff2c91ac905000\n [ 334.694703] Mem abort info:\n [ 334.697486] ESR = 0x0000000096000004\n [ 334.701234] EC = 0x25: DABT (current EL), IL = 32 bits\n [ 334.706536] SET = 0, FnV = 0\n [ 334.709579] EA = 0, S1PTW = 0\n [ 334.712719] FSC = 0x04: level 0 translation fault\n [ 334.717586] Data abort info:\n [ 334.720454] ISV = 0, ISS = 0x00000004\n [ 334.724288] CM = 0, WnR = 0\n [ 334.727244] swapper pgtable: 4k pages, 48-bit VAs, pgdp=000008044d662000\n [ 334.733944] [ffff2c91ac905000] pgd=0000000000000000, p4d=0000000000000000\n [ 334.740734] Internal error: Oops: 96000004 [#1] SMP\n [ 334.745602] Modules linked in: bonding tls veth rfkill sunrpc arm_spe_pmu vfat fat acpi_ipmi ipmi_ssif ixgbe igb i40e mdio ipmi_devintf ipmi_msghandler arm_cmn arm_dsu_pmu cppc_cpufreq acpi_tad fuse zram crct10dif_ce ast ghash_ce sbsa_gwdt nvme drm_vram_helper drm_ttm_helper nvme_core ttm xgene_hwmon\n [ 334.772217] CPU: 7 PID: 2214 Comm: ping Not tainted 6.0.0-rc4-00133-g64ae13ed4784 #4\n [ 334.779950] Hardware name: GIGABYTE R272-P31-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n [ 334.789244] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n [ 334.796196] pc : bond_rr_gen_slave_id+0x40/0x124 [bonding]\n [ 334.801691] lr : bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding]\n [ 334.807962] sp : ffff8000221733e0\n [ 334.811265] x29: ffff8000221733e0 x28: ffffdbac8572d198 x27: ffff80002217357c\n [ 334.818392] x26: 000000000000002a x25: ffffdbacb33ee000 x24: ffff07ff980fa000\n [ 334.825519] x23: ffffdbacb2e398ba x22: ffff07ff98102000 x21: ffff07ff981029c0\n [ 334.832646] x20: 0000000000000001 x19: ffff07ff981029c0 x18: 0000000000000014\n [ 334.839773] x17: 0000000000000000 x16: ffffdbacb1004364 x15: 0000aaaabe2f5a62\n [ 334.846899] x14: ffff07ff8e55d968 x13: ffff07ff8e55db30 x12: 0000000000000000\n [ 334.854026] x11: ffffdbacb21532e8 x10: 0000000000000001 x9 : ffffdbac857178ec\n [ 334.861153] x8 : ffff07ff9f6e5a28 x7 : 0000000000000000 x6 : 000000007c2b3742\n [ 334.868279] x5 : ffff2c91ac905000 x4 : ffff2c91ac905000 x3 : ffff07ff9f554400\n [ 334.875406] x2 : ffff2c91ac905000 x1 : 0000000000000001 x0 : ffff07ff981029c0\n [ 334.882532] Call trace:\n [ 334.884967] bond_rr_gen_slave_id+0x40/0x124 [bonding]\n [ 334.890109] bond_xmit_roundrobin_slave_get+0x38/0xdc [bonding]\n [ 334.896033] __bond_start_xmit+0x128/0x3a0 [bonding]\n [ 334.901001] bond_start_xmit+0x54/0xb0 [bonding]\n [ 334.905622] dev_hard_start_xmit+0xb4/0x220\n [ 334.909798] __dev_queue_xmit+0x1a0/0x720\n [ 334.913799] arp_xmit+0x3c/0xbc\n [ 334.916932] arp_send_dst+0x98/0xd0\n [ 334.920410] arp_solicit+0xe8/0x230\n [ 334.923888] neigh_probe+0x60/0xb0\n [ 334.927279] __neigh_event_send+0x3b0/0x470\n [ 334.931453] neigh_resolve_output+0x70/0x90\n [ 334.935626] ip_finish_output2+0x158/0x514\n [ 334.939714] __ip_finish_output+0xac/0x1a4\n [ 334.943800] ip_finish_output+0x40/0xfc\n [ 334.947626] ip_output+0xf8/0x1a4\n [ 334.950931] ip_send_skb+0x5c/0x100\n [ 334.954410] ip_push_pending_frames+0x3c/0x60\n [ 334.958758] raw_sendmsg+0x458/0x6d0\n [ 334.962325] inet_sendmsg+0x50/0x80\n [ 334.965805] sock_sendmsg+0x60/0x6c\n [ 334.969286] __sys_sendto+0xc8/0x134\n [ 334.972853] __arm64_sys_sendto+0x34/0x4c\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48640",
"url": "https://www.suse.com/security/cve/CVE-2022-48640"
},
{
"category": "external",
"summary": "SUSE Bug 1223499 for CVE-2022-48640",
"url": "https://bugzilla.suse.com/1223499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48640"
},
{
"cve": "CVE-2022-48642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()\n\nIt seems to me that percpu memory for chain stats started leaking since\ncommit 3bc158f8d0330f0a (\"netfilter: nf_tables: map basechain priority to\nhardware priority\") when nft_chain_offload_priority() returned an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48642",
"url": "https://www.suse.com/security/cve/CVE-2022-48642"
},
{
"category": "external",
"summary": "SUSE Bug 1223478 for CVE-2022-48642",
"url": "https://bugzilla.suse.com/1223478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48642"
},
{
"cve": "CVE-2022-48644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: avoid disabling offload when it was never enabled\n\nIn an incredibly strange API design decision, qdisc-\u003edestroy() gets\ncalled even if qdisc-\u003einit() never succeeded, not exclusively since\ncommit 87b60cfacf9f (\"net_sched: fix error recovery at qdisc creation\"),\nbut apparently also earlier (in the case of qdisc_create_dflt()).\n\nThe taprio qdisc does not fully acknowledge this when it attempts full\noffload, because it starts off with q-\u003eflags = TAPRIO_FLAGS_INVALID in\ntaprio_init(), then it replaces q-\u003eflags with TCA_TAPRIO_ATTR_FLAGS\nparsed from netlink (in taprio_change(), tail called from taprio_init()).\n\nBut in taprio_destroy(), we call taprio_disable_offload(), and this\ndetermines what to do based on FULL_OFFLOAD_IS_ENABLED(q-\u003eflags).\n\nBut looking at the implementation of FULL_OFFLOAD_IS_ENABLED()\n(a bitwise check of bit 1 in q-\u003eflags), it is invalid to call this macro\non q-\u003eflags when it contains TAPRIO_FLAGS_INVALID, because that is set\nto U32_MAX, and therefore FULL_OFFLOAD_IS_ENABLED() will return true on\nan invalid set of flags.\n\nAs a result, it is possible to crash the kernel if user space forces an\nerror between setting q-\u003eflags = TAPRIO_FLAGS_INVALID, and the calling\nof taprio_enable_offload(). This is because drivers do not expect the\noffload to be disabled when it was never enabled.\n\nThe error that we force here is to attach taprio as a non-root qdisc,\nbut instead as child of an mqprio root qdisc:\n\n$ tc qdisc add dev swp0 root handle 1: \\\n\tmqprio num_tc 8 map 0 1 2 3 4 5 6 7 \\\n\tqueues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 hw 0\n$ tc qdisc replace dev swp0 parent 1:1 \\\n\ttaprio num_tc 8 map 0 1 2 3 4 5 6 7 \\\n\tqueues 1@0 1@1 1@2 1@3 1@4 1@5 1@6 1@7 base-time 0 \\\n\tsched-entry S 0x7f 990000 sched-entry S 0x80 100000 \\\n\tflags 0x0 clockid CLOCK_TAI\nUnable to handle kernel paging request at virtual address fffffffffffffff8\n[fffffffffffffff8] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 96000004 [#1] PREEMPT SMP\nCall trace:\n taprio_dump+0x27c/0x310\n vsc9959_port_setup_tc+0x1f4/0x460\n felix_port_setup_tc+0x24/0x3c\n dsa_slave_setup_tc+0x54/0x27c\n taprio_disable_offload.isra.0+0x58/0xe0\n taprio_destroy+0x80/0x104\n qdisc_create+0x240/0x470\n tc_modify_qdisc+0x1fc/0x6b0\n rtnetlink_rcv_msg+0x12c/0x390\n netlink_rcv_skb+0x5c/0x130\n rtnetlink_rcv+0x1c/0x2c\n\nFix this by keeping track of the operations we made, and undo the\noffload only if we actually did it.\n\nI\u0027ve added \"bool offloaded\" inside a 4 byte hole between \"int clockid\"\nand \"atomic64_t picos_per_byte\". Now the first cache line looks like\nbelow:\n\n$ pahole -C taprio_sched net/sched/sch_taprio.o\nstruct taprio_sched {\n struct Qdisc * * qdiscs; /* 0 8 */\n struct Qdisc * root; /* 8 8 */\n u32 flags; /* 16 4 */\n enum tk_offsets tk_offset; /* 20 4 */\n int clockid; /* 24 4 */\n bool offloaded; /* 28 1 */\n\n /* XXX 3 bytes hole, try to pack */\n\n atomic64_t picos_per_byte; /* 32 0 */\n\n /* XXX 8 bytes hole, try to pack */\n\n spinlock_t current_entry_lock; /* 40 0 */\n\n /* XXX 8 bytes hole, try to pack */\n\n struct sched_entry * current_entry; /* 48 8 */\n struct sched_gate_list * oper_sched; /* 56 8 */\n /* --- cacheline 1 boundary (64 bytes) --- */",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48644",
"url": "https://www.suse.com/security/cve/CVE-2022-48644"
},
{
"category": "external",
"summary": "SUSE Bug 1223511 for CVE-2022-48644",
"url": "https://bugzilla.suse.com/1223511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48644"
},
{
"cve": "CVE-2022-48646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc/siena: fix null pointer dereference in efx_hard_start_xmit\n\nLike in previous patch for sfc, prevent potential (but unlikely) NULL\npointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48646",
"url": "https://www.suse.com/security/cve/CVE-2022-48646"
},
{
"category": "external",
"summary": "SUSE Bug 1223502 for CVE-2022-48646",
"url": "https://bugzilla.suse.com/1223502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48646"
},
{
"cve": "CVE-2022-48647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix TX channel offset when using legacy interrupts\n\nIn legacy interrupt mode the tx_channel_offset was hardcoded to 1, but\nthat\u0027s not correct if efx_sepparate_tx_channels is false. In that case,\nthe offset is 0 because the tx queues are in the single existing channel\nat index 0, together with the rx queue.\n\nWithout this fix, as soon as you try to send any traffic, it tries to\nget the tx queues from an uninitialized channel getting these errors:\n WARNING: CPU: 1 PID: 0 at drivers/net/ethernet/sfc/tx.c:540 efx_hard_start_xmit+0x12e/0x170 [sfc]\n [...]\n RIP: 0010:efx_hard_start_xmit+0x12e/0x170 [sfc]\n [...]\n Call Trace:\n \u003cIRQ\u003e\n dev_hard_start_xmit+0xd7/0x230\n sch_direct_xmit+0x9f/0x360\n __dev_queue_xmit+0x890/0xa40\n [...]\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000020\n [...]\n RIP: 0010:efx_hard_start_xmit+0x153/0x170 [sfc]\n [...]\n Call Trace:\n \u003cIRQ\u003e\n dev_hard_start_xmit+0xd7/0x230\n sch_direct_xmit+0x9f/0x360\n __dev_queue_xmit+0x890/0xa40\n [...]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48647",
"url": "https://www.suse.com/security/cve/CVE-2022-48647"
},
{
"category": "external",
"summary": "SUSE Bug 1223519 for CVE-2022-48647",
"url": "https://bugzilla.suse.com/1223519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48647"
},
{
"cve": "CVE-2022-48648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix null pointer dereference in efx_hard_start_xmit\n\nTrying to get the channel from the tx_queue variable here is wrong\nbecause we can only be here if tx_queue is NULL, so we shouldn\u0027t\ndereference it. As the above comment in the code says, this is very\nunlikely to happen, but it\u0027s wrong anyway so let\u0027s fix it.\n\nI hit this issue because of a different bug that caused tx_queue to be\nNULL. If that happens, this is the error message that we get here:\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000020\n [...]\n RIP: 0010:efx_hard_start_xmit+0x153/0x170 [sfc]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48648",
"url": "https://www.suse.com/security/cve/CVE-2022-48648"
},
{
"category": "external",
"summary": "SUSE Bug 1223503 for CVE-2022-48648",
"url": "https://bugzilla.suse.com/1223503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48648"
},
{
"cve": "CVE-2022-48650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()\n\nCommit 8f394da36a36 (\"scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG\")\nmade the __qlt_24xx_handle_abts() function return early if\ntcm_qla2xxx_find_cmd_by_tag() didn\u0027t find a command, but it missed to clean\nup the allocated memory for the management command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48650",
"url": "https://www.suse.com/security/cve/CVE-2022-48650"
},
{
"category": "external",
"summary": "SUSE Bug 1223509 for CVE-2022-48650",
"url": "https://bugzilla.suse.com/1223509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48650"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix crash by keep old cfg when update TCs more than queues\n\nThere are problems if allocated queues less than Traffic Classes.\n\nCommit a632b2a4c920 (\"ice: ethtool: Prohibit improper channel config\nfor DCB\") already disallow setting less queues than TCs.\n\nAnother case is if we first set less queues, and later update more TCs\nconfig due to LLDP, ice_vsi_cfg_tc() will failed but left dirty\nnum_txq/rxq and tc_cfg in vsi, that will cause invalid pointer access.\n\n[ 95.968089] ice 0000:3b:00.1: More TCs defined than queues/rings allocated.\n[ 95.968092] ice 0000:3b:00.1: Trying to use more Rx queues (8), than were allocated (1)!\n[ 95.968093] ice 0000:3b:00.1: Failed to config TC for VSI index: 0\n[ 95.969621] general protection fault: 0000 [#1] SMP NOPTI\n[ 95.969705] CPU: 1 PID: 58405 Comm: lldpad Kdump: loaded Tainted: G U W O --------- -t - 4.18.0 #1\n[ 95.969867] Hardware name: O.E.M/BC11SPSCB10, BIOS 8.23 12/30/2021\n[ 95.969992] RIP: 0010:devm_kmalloc+0xa/0x60\n[ 95.970052] Code: 5c ff ff ff 31 c0 5b 5d 41 5c c3 b8 f4 ff ff ff eb f4 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 89 d1 \u003c8b\u003e 97 60 02 00 00 48 8d 7e 18 48 39 f7 72 3f 55 89 ce 53 48 8b 4c\n[ 95.970344] RSP: 0018:ffffc9003f553888 EFLAGS: 00010206\n[ 95.970425] RAX: dead000000000200 RBX: ffffea003c425b00 RCX: 00000000006080c0\n[ 95.970536] RDX: 00000000006080c0 RSI: 0000000000000200 RDI: dead000000000200\n[ 95.970648] RBP: dead000000000200 R08: 00000000000463c0 R09: ffff888ffa900000\n[ 95.970760] R10: 0000000000000000 R11: 0000000000000002 R12: ffff888ff6b40100\n[ 95.970870] R13: ffff888ff6a55018 R14: 0000000000000000 R15: ffff888ff6a55460\n[ 95.970981] FS: 00007f51b7d24700(0000) GS:ffff88903ee80000(0000) knlGS:0000000000000000\n[ 95.971108] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 95.971197] CR2: 00007fac5410d710 CR3: 0000000f2c1de002 CR4: 00000000007606e0\n[ 95.971309] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 95.971419] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 95.971530] PKRU: 55555554\n[ 95.971573] Call Trace:\n[ 95.971622] ice_setup_rx_ring+0x39/0x110 [ice]\n[ 95.971695] ice_vsi_setup_rx_rings+0x54/0x90 [ice]\n[ 95.971774] ice_vsi_open+0x25/0x120 [ice]\n[ 95.971843] ice_open_internal+0xb8/0x1f0 [ice]\n[ 95.971919] ice_ena_vsi+0x4f/0xd0 [ice]\n[ 95.971987] ice_dcb_ena_dis_vsi.constprop.5+0x29/0x90 [ice]\n[ 95.972082] ice_pf_dcb_cfg+0x29a/0x380 [ice]\n[ 95.972154] ice_dcbnl_setets+0x174/0x1b0 [ice]\n[ 95.972220] dcbnl_ieee_set+0x89/0x230\n[ 95.972279] ? dcbnl_ieee_del+0x150/0x150\n[ 95.972341] dcb_doit+0x124/0x1b0\n[ 95.972392] rtnetlink_rcv_msg+0x243/0x2f0\n[ 95.972457] ? dcb_doit+0x14d/0x1b0\n[ 95.972510] ? __kmalloc_node_track_caller+0x1d3/0x280\n[ 95.972591] ? rtnl_calcit.isra.31+0x100/0x100\n[ 95.972661] netlink_rcv_skb+0xcf/0xf0\n[ 95.972720] netlink_unicast+0x16d/0x220\n[ 95.972781] netlink_sendmsg+0x2ba/0x3a0\n[ 95.975891] sock_sendmsg+0x4c/0x50\n[ 95.979032] ___sys_sendmsg+0x2e4/0x300\n[ 95.982147] ? kmem_cache_alloc+0x13e/0x190\n[ 95.985242] ? __wake_up_common_lock+0x79/0x90\n[ 95.988338] ? __check_object_size+0xac/0x1b0\n[ 95.991440] ? _copy_to_user+0x22/0x30\n[ 95.994539] ? move_addr_to_user+0xbb/0xd0\n[ 95.997619] ? __sys_sendmsg+0x53/0x80\n[ 96.000664] __sys_sendmsg+0x53/0x80\n[ 96.003747] do_syscall_64+0x5b/0x1d0\n[ 96.006862] entry_SYSCALL_64_after_hwframe+0x65/0xca\n\nOnly update num_txq/rxq when passed check, and restore tc_cfg if setup\nqueue map failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48652",
"url": "https://www.suse.com/security/cve/CVE-2022-48652"
},
{
"category": "external",
"summary": "SUSE Bug 1223520 for CVE-2022-48652",
"url": "https://bugzilla.suse.com/1223520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48652"
},
{
"cve": "CVE-2022-48653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Don\u0027t double unplug aux on peer initiated reset\n\nIn the IDC callback that is accessed when the aux drivers request a reset,\nthe function to unplug the aux devices is called. This function is also\ncalled in the ice_prepare_for_reset function. This double call is causing\na \"scheduling while atomic\" BUG.\n\n[ 662.676430] ice 0000:4c:00.0 rocep76s0: cqp opcode = 0x1 maj_err_code = 0xffff min_err_code = 0x8003\n\n[ 662.676609] ice 0000:4c:00.0 rocep76s0: [Modify QP Cmd Error][op_code=8] status=-29 waiting=1 completion_err=1 maj=0xffff min=0x8003\n\n[ 662.815006] ice 0000:4c:00.0 rocep76s0: ICE OICR event notification: oicr = 0x10000003\n\n[ 662.815014] ice 0000:4c:00.0 rocep76s0: critical PE Error, GLPE_CRITERR=0x00011424\n\n[ 662.815017] ice 0000:4c:00.0 rocep76s0: Requesting a reset\n\n[ 662.815475] BUG: scheduling while atomic: swapper/37/0/0x00010002\n\n[ 662.815475] BUG: scheduling while atomic: swapper/37/0/0x00010002\n[ 662.815477] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs rfkill 8021q garp mrp stp llc vfat fat rpcrdma intel_rapl_msr intel_rapl_common sunrpc i10nm_edac rdma_ucm nfit ib_srpt libnvdimm ib_isert iscsi_target_mod x86_pkg_temp_thermal intel_powerclamp coretemp target_core_mod snd_hda_intel ib_iser snd_intel_dspcfg libiscsi snd_intel_sdw_acpi scsi_transport_iscsi kvm_intel iTCO_wdt rdma_cm snd_hda_codec kvm iw_cm ipmi_ssif iTCO_vendor_support snd_hda_core irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel snd_hwdep snd_seq snd_seq_device rapl snd_pcm snd_timer isst_if_mbox_pci pcspkr isst_if_mmio irdma intel_uncore idxd acpi_ipmi joydev isst_if_common snd mei_me idxd_bus ipmi_si soundcore i2c_i801 mei ipmi_devintf i2c_smbus i2c_ismt ipmi_msghandler acpi_power_meter acpi_pad rv(OE) ib_uverbs ib_cm ib_core xfs libcrc32c ast i2c_algo_bit drm_vram_helper drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops drm_ttm_helpe\n r ttm\n[ 662.815546] nvme nvme_core ice drm crc32c_intel i40e t10_pi wmi pinctrl_emmitsburg dm_mirror dm_region_hash dm_log dm_mod fuse\n[ 662.815557] Preemption disabled at:\n[ 662.815558] [\u003c0000000000000000\u003e] 0x0\n[ 662.815563] CPU: 37 PID: 0 Comm: swapper/37 Kdump: loaded Tainted: G S OE 5.17.1 #2\n[ 662.815566] Hardware name: Intel Corporation D50DNP/D50DNP, BIOS SE5C6301.86B.6624.D18.2111021741 11/02/2021\n[ 662.815568] Call Trace:\n[ 662.815572] \u003cIRQ\u003e\n[ 662.815574] dump_stack_lvl+0x33/0x42\n[ 662.815581] __schedule_bug.cold.147+0x7d/0x8a\n[ 662.815588] __schedule+0x798/0x990\n[ 662.815595] schedule+0x44/0xc0\n[ 662.815597] schedule_preempt_disabled+0x14/0x20\n[ 662.815600] __mutex_lock.isra.11+0x46c/0x490\n[ 662.815603] ? __ibdev_printk+0x76/0xc0 [ib_core]\n[ 662.815633] device_del+0x37/0x3d0\n[ 662.815639] ice_unplug_aux_dev+0x1a/0x40 [ice]\n[ 662.815674] ice_schedule_reset+0x3c/0xd0 [ice]\n[ 662.815693] irdma_iidc_event_handler.cold.7+0xb6/0xd3 [irdma]\n[ 662.815712] ? bitmap_find_next_zero_area_off+0x45/0xa0\n[ 662.815719] ice_send_event_to_aux+0x54/0x70 [ice]\n[ 662.815741] ice_misc_intr+0x21d/0x2d0 [ice]\n[ 662.815756] __handle_irq_event_percpu+0x4c/0x180\n[ 662.815762] handle_irq_event_percpu+0xf/0x40\n[ 662.815764] handle_irq_event+0x34/0x60\n[ 662.815766] handle_edge_irq+0x9a/0x1c0\n[ 662.815770] __common_interrupt+0x62/0x100\n[ 662.815774] common_interrupt+0xb4/0xd0\n[ 662.815779] \u003c/IRQ\u003e\n[ 662.815780] \u003cTASK\u003e\n[ 662.815780] asm_common_interrupt+0x1e/0x40\n[ 662.815785] RIP: 0010:cpuidle_enter_state+0xd6/0x380\n[ 662.815789] Code: 49 89 c4 0f 1f 44 00 00 31 ff e8 65 d7 95 ff 45 84 ff 74 12 9c 58 f6 c4 02 0f 85 64 02 00 00 31 ff e8 ae c5 9c ff fb 45 85 f6 \u003c0f\u003e 88 12 01 00 00 49 63 d6 4c 2b 24 24 48 8d 04 52 48 8d 04 82 49\n[ 662.815791] RSP: 0018:ff2c2c4f18edbe80 EFLAGS: 00000202\n[ 662.815793] RAX: ff280805df140000 RBX: 0000000000000002 RCX: 000000000000001f\n[ 662.815795] RDX: 0000009a52da2d08 R\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48653",
"url": "https://www.suse.com/security/cve/CVE-2022-48653"
},
{
"category": "external",
"summary": "SUSE Bug 1223474 for CVE-2022-48653",
"url": "https://bugzilla.suse.com/1223474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48653"
},
{
"cve": "CVE-2022-48654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()\n\nnf_osf_find() incorrectly returns true on mismatch, this leads to\ncopying uninitialized memory area in nft_osf which can be used to leak\nstale kernel stack data to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48654",
"url": "https://www.suse.com/security/cve/CVE-2022-48654"
},
{
"category": "external",
"summary": "SUSE Bug 1223482 for CVE-2022-48654",
"url": "https://bugzilla.suse.com/1223482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48654"
},
{
"cve": "CVE-2022-48655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Harden accesses to the reset domains\n\nAccessing reset domains descriptors by the index upon the SCMI drivers\nrequests through the SCMI reset operations interface can potentially\nlead to out-of-bound violations if the SCMI driver misbehave.\n\nAdd an internal consistency check before any such domains descriptors\naccesses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48655",
"url": "https://www.suse.com/security/cve/CVE-2022-48655"
},
{
"category": "external",
"summary": "SUSE Bug 1223477 for CVE-2022-48655",
"url": "https://bugzilla.suse.com/1223477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48655"
},
{
"cve": "CVE-2022-48656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()\n\nWe should call of_node_put() for the reference returned by\nof_parse_phandle() in fail path or when it is not used anymore.\nHere we only need to move the of_node_put() before the check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48656",
"url": "https://www.suse.com/security/cve/CVE-2022-48656"
},
{
"category": "external",
"summary": "SUSE Bug 1223479 for CVE-2022-48656",
"url": "https://bugzilla.suse.com/1223479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48656"
},
{
"cve": "CVE-2022-48657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: topology: fix possible overflow in amu_fie_setup()\n\ncpufreq_get_hw_max_freq() returns max frequency in kHz as *unsigned int*,\nwhile freq_inv_set_max_ratio() gets passed this frequency in Hz as \u0027u64\u0027.\nMultiplying max frequency by 1000 can potentially result in overflow --\nmultiplying by 1000ULL instead should avoid that...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48657",
"url": "https://www.suse.com/security/cve/CVE-2022-48657"
},
{
"category": "external",
"summary": "SUSE Bug 1223484 for CVE-2022-48657",
"url": "https://bugzilla.suse.com/1223484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48657"
},
{
"cve": "CVE-2022-48658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.\n\nCommit 5a836bf6b09f (\"mm: slub: move flush_cpu_slab() invocations\n__free_slab() invocations out of IRQ context\") moved all flush_cpu_slab()\ninvocations to the global workqueue to avoid a problem related\nwith deactivate_slab()/__free_slab() being called from an IRQ context\non PREEMPT_RT kernels.\n\nWhen the flush_all_cpu_locked() function is called from a task context\nit may happen that a workqueue with WQ_MEM_RECLAIM bit set ends up\nflushing the global workqueue, this will cause a dependency issue.\n\n workqueue: WQ_MEM_RECLAIM nvme-delete-wq:nvme_delete_ctrl_work [nvme_core]\n is flushing !WQ_MEM_RECLAIM events:flush_cpu_slab\n WARNING: CPU: 37 PID: 410 at kernel/workqueue.c:2637\n check_flush_dependency+0x10a/0x120\n Workqueue: nvme-delete-wq nvme_delete_ctrl_work [nvme_core]\n RIP: 0010:check_flush_dependency+0x10a/0x120[ 453.262125] Call Trace:\n __flush_work.isra.0+0xbf/0x220\n ? __queue_work+0x1dc/0x420\n flush_all_cpus_locked+0xfb/0x120\n __kmem_cache_shutdown+0x2b/0x320\n kmem_cache_destroy+0x49/0x100\n bioset_exit+0x143/0x190\n blk_release_queue+0xb9/0x100\n kobject_cleanup+0x37/0x130\n nvme_fc_ctrl_free+0xc6/0x150 [nvme_fc]\n nvme_free_ctrl+0x1ac/0x2b0 [nvme_core]\n\nFix this bug by creating a workqueue for the flush operation with\nthe WQ_MEM_RECLAIM bit set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48658",
"url": "https://www.suse.com/security/cve/CVE-2022-48658"
},
{
"category": "external",
"summary": "SUSE Bug 1223496 for CVE-2022-48658",
"url": "https://bugzilla.suse.com/1223496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48658"
},
{
"cve": "CVE-2022-48659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: fix to return errno if kmalloc() fails\n\nIn create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to\nout-of-memory, if it fails, return errno correctly rather than\ntriggering panic via BUG_ON();\n\nkernel BUG at mm/slub.c:5893!\nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP\n\nCall trace:\n sysfs_slab_add+0x258/0x260 mm/slub.c:5973\n __kmem_cache_create+0x60/0x118 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335\n kmem_cache_create+0x1c/0x28 mm/slab_common.c:390\n f2fs_kmem_cache_create fs/f2fs/f2fs.h:2766 [inline]\n f2fs_init_xattr_caches+0x78/0xb4 fs/f2fs/xattr.c:808\n f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149\n mount_bdev+0x1b8/0x210 fs/super.c:1400\n f2fs_mount+0x44/0x58 fs/f2fs/super.c:4512\n legacy_get_tree+0x30/0x74 fs/fs_context.c:610\n vfs_get_tree+0x40/0x140 fs/super.c:1530\n do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040\n path_mount+0x358/0x914 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __arm64_sys_mount+0x2f8/0x408 fs/namespace.c:3568",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48659",
"url": "https://www.suse.com/security/cve/CVE-2022-48659"
},
{
"category": "external",
"summary": "SUSE Bug 1223498 for CVE-2022-48659",
"url": "https://bugzilla.suse.com/1223498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48659"
},
{
"cve": "CVE-2022-48660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Set lineevent_state::irq after IRQ register successfully\n\nWhen running gpio test on nxp-ls1028 platform with below command\ngpiomon --num-events=3 --rising-edge gpiochip1 25\nThere will be a warning trace as below:\nCall trace:\nfree_irq+0x204/0x360\nlineevent_free+0x64/0x70\ngpio_ioctl+0x598/0x6a0\n__arm64_sys_ioctl+0xb4/0x100\ninvoke_syscall+0x5c/0x130\n......\nel0t_64_sync+0x1a0/0x1a4\nThe reason of this issue is that calling request_threaded_irq()\nfunction failed, and then lineevent_free() is invoked to release\nthe resource. Since the lineevent_state::irq was already set, so\nthe subsequent invocation of free_irq() would trigger the above\nwarning call trace. To fix this issue, set the lineevent_state::irq\nafter the IRQ register successfully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48660",
"url": "https://www.suse.com/security/cve/CVE-2022-48660"
},
{
"category": "external",
"summary": "SUSE Bug 1223487 for CVE-2022-48660",
"url": "https://bugzilla.suse.com/1223487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48660"
},
{
"cve": "CVE-2022-48662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Really move i915_gem_context.link under ref protection\n\ni915_perf assumes that it can use the i915_gem_context reference to\nprotect its i915-\u003egem.contexts.list iteration. However, this requires\nthat we do not remove the context from the list until after we drop the\nfinal reference and release the struct. If, as currently, we remove the\ncontext from the list during context_close(), the link.next pointer may\nbe poisoned while we are holding the context reference and cause a GPF:\n\n[ 4070.573157] i915 0000:00:02.0: [drm:i915_perf_open_ioctl [i915]] filtering on ctx_id=0x1fffff ctx_id_mask=0x1fffff\n[ 4070.574881] general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP\n[ 4070.574897] CPU: 1 PID: 284392 Comm: amd_performance Tainted: G E 5.17.9 #180\n[ 4070.574903] Hardware name: Intel Corporation NUC7i5BNK/NUC7i5BNB, BIOS BNKBL357.86A.0052.2017.0918.1346 09/18/2017\n[ 4070.574907] RIP: 0010:oa_configure_all_contexts.isra.0+0x222/0x350 [i915]\n[ 4070.574982] Code: 08 e8 32 6e 10 e1 4d 8b 6d 50 b8 ff ff ff ff 49 83 ed 50 f0 41 0f c1 04 24 83 f8 01 0f 84 e3 00 00 00 85 c0 0f 8e fa 00 00 00 \u003c49\u003e 8b 45 50 48 8d 70 b0 49 8d 45 50 48 39 44 24 10 0f 85 34 fe ff\n[ 4070.574990] RSP: 0018:ffffc90002077b78 EFLAGS: 00010202\n[ 4070.574995] RAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000000\n[ 4070.575000] RDX: 0000000000000001 RSI: ffffc90002077b20 RDI: ffff88810ddc7c68\n[ 4070.575004] RBP: 0000000000000001 R08: ffff888103242648 R09: fffffffffffffffc\n[ 4070.575008] R10: ffffffff82c50bc0 R11: 0000000000025c80 R12: ffff888101bf1860\n[ 4070.575012] R13: dead0000000000b0 R14: ffffc90002077c04 R15: ffff88810be5cabc\n[ 4070.575016] FS: 00007f1ed50c0780(0000) GS:ffff88885ec80000(0000) knlGS:0000000000000000\n[ 4070.575021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4070.575025] CR2: 00007f1ed5590280 CR3: 000000010ef6f005 CR4: 00000000003706e0\n[ 4070.575029] Call Trace:\n[ 4070.575033] \u003cTASK\u003e\n[ 4070.575037] lrc_configure_all_contexts+0x13e/0x150 [i915]\n[ 4070.575103] gen8_enable_metric_set+0x4d/0x90 [i915]\n[ 4070.575164] i915_perf_open_ioctl+0xbc0/0x1500 [i915]\n[ 4070.575224] ? asm_common_interrupt+0x1e/0x40\n[ 4070.575232] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575290] drm_ioctl_kernel+0x85/0x110\n[ 4070.575296] ? update_load_avg+0x5f/0x5e0\n[ 4070.575302] drm_ioctl+0x1d3/0x370\n[ 4070.575307] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575382] ? gen8_gt_irq_handler+0x46/0x130 [i915]\n[ 4070.575445] __x64_sys_ioctl+0x3c4/0x8d0\n[ 4070.575451] ? __do_softirq+0xaa/0x1d2\n[ 4070.575456] do_syscall_64+0x35/0x80\n[ 4070.575461] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 4070.575467] RIP: 0033:0x7f1ed5c10397\n[ 4070.575471] Code: 3c 1c e8 1c ff ff ff 85 c0 79 87 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a9 da 0d 00 f7 d8 64 89 01 48\n[ 4070.575478] RSP: 002b:00007ffd65c8d7a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 4070.575484] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f1ed5c10397\n[ 4070.575488] RDX: 00007ffd65c8d7c0 RSI: 0000000040106476 RDI: 0000000000000006\n[ 4070.575492] RBP: 00005620972f9c60 R08: 000000000000000a R09: 0000000000000005\n[ 4070.575496] R10: 000000000000000d R11: 0000000000000246 R12: 000000000000000a\n[ 4070.575500] R13: 000000000000000d R14: 0000000000000000 R15: 00007ffd65c8d7c0\n[ 4070.575505] \u003c/TASK\u003e\n[ 4070.575507] Modules linked in: nls_ascii(E) nls_cp437(E) vfat(E) fat(E) i915(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) crct10dif_pclmul(E) crc32_pclmul(E) crc32c_intel(E) aesni_intel(E) crypto_simd(E) intel_gtt(E) cryptd(E) ttm(E) rapl(E) intel_cstate(E) drm_kms_helper(E) cfbfillrect(E) syscopyarea(E) cfbimgblt(E) intel_uncore(E) sysfillrect(E) mei_me(E) sysimgblt(E) i2c_i801(E) fb_sys_fops(E) mei(E) intel_pch_thermal(E) i2c_smbus\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48662",
"url": "https://www.suse.com/security/cve/CVE-2022-48662"
},
{
"category": "external",
"summary": "SUSE Bug 1223505 for CVE-2022-48662",
"url": "https://bugzilla.suse.com/1223505"
},
{
"category": "external",
"summary": "SUSE Bug 1223521 for CVE-2022-48662",
"url": "https://bugzilla.suse.com/1223521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2022-48662"
},
{
"cve": "CVE-2022-48663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mockup: fix NULL pointer dereference when removing debugfs\n\nWe now remove the device\u0027s debugfs entries when unbinding the driver.\nThis now causes a NULL-pointer dereference on module exit because the\nplatform devices are unregistered *after* the global debugfs directory\nhas been recursively removed. Fix it by unregistering the devices first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48663",
"url": "https://www.suse.com/security/cve/CVE-2022-48663"
},
{
"category": "external",
"summary": "SUSE Bug 1223523 for CVE-2022-48663",
"url": "https://bugzilla.suse.com/1223523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48663"
},
{
"cve": "CVE-2022-48667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in insert range\n\ninsert range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting file data.\n\nAlso includes some minor cleanup (avoiding rereading\ninode size repeatedly unnecessarily) to make it clearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48667",
"url": "https://www.suse.com/security/cve/CVE-2022-48667"
},
{
"category": "external",
"summary": "SUSE Bug 1223518 for CVE-2022-48667",
"url": "https://bugzilla.suse.com/1223518"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48667"
},
{
"cve": "CVE-2022-48668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix temporary data corruption in collapse range\n\ncollapse range doesn\u0027t discard the affected cached region\nso can risk temporarily corrupting the file data. This\nfixes xfstest generic/031\n\nI also decided to merge a minor cleanup to this into the same patch\n(avoiding rereading inode size repeatedly unnecessarily) to make it\nclearer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48668",
"url": "https://www.suse.com/security/cve/CVE-2022-48668"
},
{
"category": "external",
"summary": "SUSE Bug 1223516 for CVE-2022-48668",
"url": "https://bugzilla.suse.com/1223516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48668"
},
{
"cve": "CVE-2022-48671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()\n\nsyzbot is hitting percpu_rwsem_assert_held(\u0026cpu_hotplug_lock) warning at\ncpuset_attach() [1], for commit 4f7e7236435ca0ab (\"cgroup: Fix\nthreadgroup_rwsem \u003c-\u003e cpus_read_lock() deadlock\") missed that\ncpuset_attach() is also called from cgroup_attach_task_all().\nAdd cpus_read_lock() like what cgroup_procs_write_start() does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48671",
"url": "https://www.suse.com/security/cve/CVE-2022-48671"
},
{
"category": "external",
"summary": "SUSE Bug 1223929 for CVE-2022-48671",
"url": "https://bugzilla.suse.com/1223929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48671"
},
{
"cve": "CVE-2022-48672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: fdt: fix off-by-one error in unflatten_dt_nodes()\n\nCommit 78c44d910d3e (\"drivers/of: Fix depth when unflattening devicetree\")\nforgot to fix up the depth check in the loop body in unflatten_dt_nodes()\nwhich makes it possible to overflow the nps[] buffer...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48672",
"url": "https://www.suse.com/security/cve/CVE-2022-48672"
},
{
"category": "external",
"summary": "SUSE Bug 1223931 for CVE-2022-48672",
"url": "https://bugzilla.suse.com/1223931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48672"
},
{
"cve": "CVE-2022-48673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix possible access to freed memory in link clear\n\nAfter modifying the QP to the Error state, all RX WR would be completed\nwith WC in IB_WC_WR_FLUSH_ERR status. Current implementation does not\nwait for it is done, but destroy the QP and free the link group directly.\nSo there is a risk that accessing the freed memory in tasklet context.\n\nHere is a crash example:\n\n BUG: unable to handle page fault for address: ffffffff8f220860\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD f7300e067 P4D f7300e067 PUD f7300f063 PMD 8c4e45063 PTE 800ffff08c9df060\n Oops: 0002 [#1] SMP PTI\n CPU: 1 PID: 0 Comm: swapper/1 Kdump: loaded Tainted: G S OE 5.10.0-0607+ #23\n Hardware name: Inspur NF5280M4/YZMB-00689-101, BIOS 4.1.20 07/09/2018\n RIP: 0010:native_queued_spin_lock_slowpath+0x176/0x1b0\n Code: f3 90 48 8b 32 48 85 f6 74 f6 eb d5 c1 ee 12 83 e0 03 83 ee 01 48 c1 e0 05 48 63 f6 48 05 00 c8 02 00 48 03 04 f5 00 09 98 8e \u003c48\u003e 89 10 8b 42 08 85 c0 75 09 f3 90 8b 42 08 85 c0 74 f7 48 8b 32\n RSP: 0018:ffffb3b6c001ebd8 EFLAGS: 00010086\n RAX: ffffffff8f220860 RBX: 0000000000000246 RCX: 0000000000080000\n RDX: ffff91db1f86c800 RSI: 000000000000173c RDI: ffff91db62bace00\n RBP: ffff91db62bacc00 R08: 0000000000000000 R09: c00000010000028b\n R10: 0000000000055198 R11: ffffb3b6c001ea58 R12: ffff91db80e05010\n R13: 000000000000000a R14: 0000000000000006 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff91db1f840000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffff8f220860 CR3: 00000001f9580004 CR4: 00000000003706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n _raw_spin_lock_irqsave+0x30/0x40\n mlx5_ib_poll_cq+0x4c/0xc50 [mlx5_ib]\n smc_wr_rx_tasklet_fn+0x56/0xa0 [smc]\n tasklet_action_common.isra.21+0x66/0x100\n __do_softirq+0xd5/0x29c\n asm_call_irq_on_stack+0x12/0x20\n \u003c/IRQ\u003e\n do_softirq_own_stack+0x37/0x40\n irq_exit_rcu+0x9d/0xa0\n sysvec_call_function_single+0x34/0x80\n asm_sysvec_call_function_single+0x12/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48673",
"url": "https://www.suse.com/security/cve/CVE-2022-48673"
},
{
"category": "external",
"summary": "SUSE Bug 1223934 for CVE-2022-48673",
"url": "https://bugzilla.suse.com/1223934"
},
{
"category": "external",
"summary": "SUSE Bug 1223940 for CVE-2022-48673",
"url": "https://bugzilla.suse.com/1223940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48673"
},
{
"cve": "CVE-2022-48675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/core: Fix a nested dead lock as part of ODP flow\n\nFix a nested dead lock as part of ODP flow by using mmput_async().\n\nFrom the below call trace [1] can see that calling mmput() once we have\nthe umem_odp-\u003eumem_mutex locked as required by\nib_umem_odp_map_dma_and_lock() might trigger in the same task the\nexit_mmap()-\u003e__mmu_notifier_release()-\u003emlx5_ib_invalidate_range() which\nmay dead lock when trying to lock the same mutex.\n\nMoving to use mmput_async() will solve the problem as the above\nexit_mmap() flow will be called in other task and will be executed once\nthe lock will be available.\n\n[1]\n[64843.077665] task:kworker/u133:2 state:D stack: 0 pid:80906 ppid:\n2 flags:0x00004000\n[64843.077672] Workqueue: mlx5_ib_page_fault mlx5_ib_eqe_pf_action [mlx5_ib]\n[64843.077719] Call Trace:\n[64843.077722] \u003cTASK\u003e\n[64843.077724] __schedule+0x23d/0x590\n[64843.077729] schedule+0x4e/0xb0\n[64843.077735] schedule_preempt_disabled+0xe/0x10\n[64843.077740] __mutex_lock.constprop.0+0x263/0x490\n[64843.077747] __mutex_lock_slowpath+0x13/0x20\n[64843.077752] mutex_lock+0x34/0x40\n[64843.077758] mlx5_ib_invalidate_range+0x48/0x270 [mlx5_ib]\n[64843.077808] __mmu_notifier_release+0x1a4/0x200\n[64843.077816] exit_mmap+0x1bc/0x200\n[64843.077822] ? walk_page_range+0x9c/0x120\n[64843.077828] ? __cond_resched+0x1a/0x50\n[64843.077833] ? mutex_lock+0x13/0x40\n[64843.077839] ? uprobe_clear_state+0xac/0x120\n[64843.077860] mmput+0x5f/0x140\n[64843.077867] ib_umem_odp_map_dma_and_lock+0x21b/0x580 [ib_core]\n[64843.077931] pagefault_real_mr+0x9a/0x140 [mlx5_ib]\n[64843.077962] pagefault_mr+0xb4/0x550 [mlx5_ib]\n[64843.077992] pagefault_single_data_segment.constprop.0+0x2ac/0x560\n[mlx5_ib]\n[64843.078022] mlx5_ib_eqe_pf_action+0x528/0x780 [mlx5_ib]\n[64843.078051] process_one_work+0x22b/0x3d0\n[64843.078059] worker_thread+0x53/0x410\n[64843.078065] ? process_one_work+0x3d0/0x3d0\n[64843.078073] kthread+0x12a/0x150\n[64843.078079] ? set_kthread_struct+0x50/0x50\n[64843.078085] ret_from_fork+0x22/0x30\n[64843.078093] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48675",
"url": "https://www.suse.com/security/cve/CVE-2022-48675"
},
{
"category": "external",
"summary": "SUSE Bug 1223894 for CVE-2022-48675",
"url": "https://bugzilla.suse.com/1223894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48675"
},
{
"cve": "CVE-2022-48686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix UAF when detecting digest errors\n\nWe should also bail from the io_work loop when we set rd_enabled to true,\nso we don\u0027t attempt to read data from the socket when the TCP stream is\nalready out-of-sync or corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48686",
"url": "https://www.suse.com/security/cve/CVE-2022-48686"
},
{
"category": "external",
"summary": "SUSE Bug 1223948 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1223948"
},
{
"category": "external",
"summary": "SUSE Bug 1226337 for CVE-2022-48686",
"url": "https://bugzilla.suse.com/1226337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2022-48686"
},
{
"cve": "CVE-2022-48687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix out-of-bounds read when setting HMAC data.\n\nThe SRv6 layer allows defining HMAC data that can later be used to sign IPv6\nSegment Routing Headers. This configuration is realised via netlink through\nfour attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and\nSEG6_ATTR_ALGID. Because the SECRETLEN attribute is decoupled from the actual\nlength of the SECRET attribute, it is possible to provide invalid combinations\n(e.g., secret = \"\", secretlen = 64). This case is not checked in the code and\nwith an appropriately crafted netlink message, an out-of-bounds read of up\nto 64 bytes (max secret length) can occur past the skb end pointer and into\nskb_shared_info:\n\nBreakpoint 1, seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n208\t\tmemcpy(hinfo-\u003esecret, secret, slen);\n(gdb) bt\n #0 seg6_genl_sethmac (skb=\u003coptimized out\u003e, info=\u003coptimized out\u003e) at net/ipv6/seg6.c:208\n #1 0xffffffff81e012e9 in genl_family_rcv_msg_doit (skb=skb@entry=0xffff88800b1f9f00, nlh=nlh@entry=0xffff88800b1b7600,\n extack=extack@entry=0xffffc90000ba7af0, ops=ops@entry=0xffffc90000ba7a80, hdrlen=4, net=0xffffffff84237580 \u003cinit_net\u003e, family=\u003coptimized out\u003e,\n family=\u003coptimized out\u003e) at net/netlink/genetlink.c:731\n #2 0xffffffff81e01435 in genl_family_rcv_msg (extack=0xffffc90000ba7af0, nlh=0xffff88800b1b7600, skb=0xffff88800b1f9f00,\n family=0xffffffff82fef6c0 \u003cseg6_genl_family\u003e) at net/netlink/genetlink.c:775\n #3 genl_rcv_msg (skb=0xffff88800b1f9f00, nlh=0xffff88800b1b7600, extack=0xffffc90000ba7af0) at net/netlink/genetlink.c:792\n #4 0xffffffff81dfffc3 in netlink_rcv_skb (skb=skb@entry=0xffff88800b1f9f00, cb=cb@entry=0xffffffff81e01350 \u003cgenl_rcv_msg\u003e)\n at net/netlink/af_netlink.c:2501\n #5 0xffffffff81e00919 in genl_rcv (skb=0xffff88800b1f9f00) at net/netlink/genetlink.c:803\n #6 0xffffffff81dff6ae in netlink_unicast_kernel (ssk=0xffff888010eec800, skb=0xffff88800b1f9f00, sk=0xffff888004aed000)\n at net/netlink/af_netlink.c:1319\n #7 netlink_unicast (ssk=ssk@entry=0xffff888010eec800, skb=skb@entry=0xffff88800b1f9f00, portid=portid@entry=0, nonblock=\u003coptimized out\u003e)\n at net/netlink/af_netlink.c:1345\n #8 0xffffffff81dff9a4 in netlink_sendmsg (sock=\u003coptimized out\u003e, msg=0xffffc90000ba7e48, len=\u003coptimized out\u003e) at net/netlink/af_netlink.c:1921\n...\n(gdb) p/x ((struct sk_buff *)0xffff88800b1f9f00)-\u003ehead + ((struct sk_buff *)0xffff88800b1f9f00)-\u003eend\n$1 = 0xffff88800b1b76c0\n(gdb) p/x secret\n$2 = 0xffff88800b1b76c0\n(gdb) p slen\n$3 = 64 \u0027@\u0027\n\nThe OOB data can then be read back from userspace by dumping HMAC state. This\ncommit fixes this by ensuring SECRETLEN cannot exceed the actual length of\nSECRET.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48687",
"url": "https://www.suse.com/security/cve/CVE-2022-48687"
},
{
"category": "external",
"summary": "SUSE Bug 1223952 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1223952"
},
{
"category": "external",
"summary": "SUSE Bug 1224043 for CVE-2022-48687",
"url": "https://bugzilla.suse.com/1224043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2022-48687"
},
{
"cve": "CVE-2022-48688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix kernel crash during module removal\n\nThe driver incorrectly frees client instance and subsequent\ni40e module removal leads to kernel crash.\n\nReproducer:\n1. Do ethtool offline test followed immediately by another one\nhost# ethtool -t eth0 offline; ethtool -t eth0 offline\n2. Remove recursively irdma module that also removes i40e module\nhost# modprobe -r irdma\n\nResult:\n[ 8675.035651] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.193774] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.201316] i40e 0000:3d:00.0 eno1: offline testing starting\n[ 8675.358921] i40e 0000:3d:00.0 eno1: testing finished\n[ 8675.496921] i40e 0000:3d:00.0: IRDMA hardware initialization FAILED init_state=2 status=-110\n[ 8686.188955] i40e 0000:3d:00.1: i40e_ptp_stop: removed PHC on eno2\n[ 8686.943890] i40e 0000:3d:00.1: Deleted LAN device PF1 bus=0x3d dev=0x00 func=0x01\n[ 8686.952669] i40e 0000:3d:00.0: i40e_ptp_stop: removed PHC on eno1\n[ 8687.761787] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[ 8687.768755] #PF: supervisor read access in kernel mode\n[ 8687.773895] #PF: error_code(0x0000) - not-present page\n[ 8687.779034] PGD 0 P4D 0\n[ 8687.781575] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 8687.785935] CPU: 51 PID: 172891 Comm: rmmod Kdump: loaded Tainted: G W I 5.19.0+ #2\n[ 8687.794800] Hardware name: Intel Corporation S2600WFD/S2600WFD, BIOS SE5C620.86B.0X.02.0001.051420190324 05/14/2019\n[ 8687.805222] RIP: 0010:i40e_lan_del_device+0x13/0xb0 [i40e]\n[ 8687.810719] Code: d4 84 c0 0f 84 b8 25 01 00 e9 9c 25 01 00 41 bc f4 ff ff ff eb 91 90 0f 1f 44 00 00 41 54 55 53 48 8b 87 58 08 00 00 48 89 fb \u003c48\u003e 8b 68 30 48 89 ef e8 21 8a 0f d5 48 89 ef e8 a9 78 0f d5 48 8b\n[ 8687.829462] RSP: 0018:ffffa604072efce0 EFLAGS: 00010202\n[ 8687.834689] RAX: 0000000000000000 RBX: ffff8f43833b2000 RCX: 0000000000000000\n[ 8687.841821] RDX: 0000000000000000 RSI: ffff8f4b0545b298 RDI: ffff8f43833b2000\n[ 8687.848955] RBP: ffff8f43833b2000 R08: 0000000000000001 R09: 0000000000000000\n[ 8687.856086] R10: 0000000000000000 R11: 000ffffffffff000 R12: ffff8f43833b2ef0\n[ 8687.863218] R13: ffff8f43833b2ef0 R14: ffff915103966000 R15: ffff8f43833b2008\n[ 8687.870342] FS: 00007f79501c3740(0000) GS:ffff8f4adffc0000(0000) knlGS:0000000000000000\n[ 8687.878427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8687.884174] CR2: 0000000000000030 CR3: 000000014276e004 CR4: 00000000007706e0\n[ 8687.891306] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8687.898441] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8687.905572] PKRU: 55555554\n[ 8687.908286] Call Trace:\n[ 8687.910737] \u003cTASK\u003e\n[ 8687.912843] i40e_remove+0x2c0/0x330 [i40e]\n[ 8687.917040] pci_device_remove+0x33/0xa0\n[ 8687.920962] device_release_driver_internal+0x1aa/0x230\n[ 8687.926188] driver_detach+0x44/0x90\n[ 8687.929770] bus_remove_driver+0x55/0xe0\n[ 8687.933693] pci_unregister_driver+0x2a/0xb0\n[ 8687.937967] i40e_exit_module+0xc/0xf48 [i40e]\n\nTwo offline tests cause IRDMA driver failure (ETIMEDOUT) and this\nfailure is indicated back to i40e_client_subtask() that calls\ni40e_client_del_instance() to free client instance referenced\nby pf-\u003ecinst and sets this pointer to NULL. During the module\nremoval i40e_remove() calls i40e_lan_del_device() that dereferences\npf-\u003ecinst that is NULL -\u003e crash.\nDo not remove client instance when client open callbacks fails and\njust clear __I40E_CLIENT_INSTANCE_OPENED bit. The driver also needs\nto take care about this situation (when netdev is up and client\nis NOT opened) in i40e_notify_client_of_netdev_close() and\ncalls client close callback only when __I40E_CLIENT_INSTANCE_OPENED\nis set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48688",
"url": "https://www.suse.com/security/cve/CVE-2022-48688"
},
{
"category": "external",
"summary": "SUSE Bug 1223953 for CVE-2022-48688",
"url": "https://bugzilla.suse.com/1223953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48688"
},
{
"cve": "CVE-2022-48690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix DMA mappings leak\n\nFix leak, when user changes ring parameters.\nDuring reallocation of RX buffers, new DMA mappings are created for\nthose buffers. New buffers with different RX ring count should\nsubstitute older ones, but those buffers were freed in ice_vsi_cfg_rxq\nand reallocated again with ice_alloc_rx_buf. kfree on rx_buf caused\nleak of already mapped DMA.\nReallocate ZC with xdp_buf struct, when BPF program loads. Reallocate\nback to rx_buf, when BPF program unloads.\nIf BPF program is loaded/unloaded and XSK pools are created, reallocate\nRX queues accordingly in XDP_SETUP_XSK_POOL handler.\n\nSteps for reproduction:\nwhile :\ndo\n\tfor ((i=0; i\u003c=8160; i=i+32))\n\tdo\n\t\tethtool -G enp130s0f0 rx $i tx $i\n\t\tsleep 0.5\n\t\tethtool -g enp130s0f0\n\tdone\ndone",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48690",
"url": "https://www.suse.com/security/cve/CVE-2022-48690"
},
{
"category": "external",
"summary": "SUSE Bug 1223960 for CVE-2022-48690",
"url": "https://bugzilla.suse.com/1223960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48690"
},
{
"cve": "CVE-2022-48692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srp: Set scmnd-\u003eresult only when scmnd is not NULL\n\nThis change fixes the following kernel NULL pointer dereference\nwhich is reproduced by blktests srp/007 occasionally.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000170\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 9 Comm: kworker/0:1H Kdump: loaded Not tainted 6.0.0-rc1+ #37\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.15.0-29-g6a62e0cb0dfe-prebuilt.qemu.org 04/01/2014\nWorkqueue: 0x0 (kblockd)\nRIP: 0010:srp_recv_done+0x176/0x500 [ib_srp]\nCode: 00 4d 85 ff 0f 84 52 02 00 00 48 c7 82 80 02 00 00 00 00 00 00 4c 89 df 4c 89 14 24 e8 53 d3 4a f6 4c 8b 14 24 41 0f b6 42 13 \u003c41\u003e 89 87 70 01 00 00 41 0f b6 52 12 f6 c2 02 74 44 41 8b 42 1c b9\nRSP: 0018:ffffaef7c0003e28 EFLAGS: 00000282\nRAX: 0000000000000000 RBX: ffff9bc9486dea60 RCX: 0000000000000000\nRDX: 0000000000000102 RSI: ffffffffb76bbd0e RDI: 00000000ffffffff\nRBP: ffff9bc980099a00 R08: 0000000000000001 R09: 0000000000000001\nR10: ffff9bca53ef0000 R11: ffff9bc980099a10 R12: ffff9bc956e14000\nR13: ffff9bc9836b9cb0 R14: ffff9bc9557b4480 R15: 0000000000000000\nFS: 0000000000000000(0000) GS:ffff9bc97ec00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000170 CR3: 0000000007e04000 CR4: 00000000000006f0\nCall Trace:\n \u003cIRQ\u003e\n __ib_process_cq+0xb7/0x280 [ib_core]\n ib_poll_handler+0x2b/0x130 [ib_core]\n irq_poll_softirq+0x93/0x150\n __do_softirq+0xee/0x4b8\n irq_exit_rcu+0xf7/0x130\n sysvec_apic_timer_interrupt+0x8e/0xc0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48692",
"url": "https://www.suse.com/security/cve/CVE-2022-48692"
},
{
"category": "external",
"summary": "SUSE Bug 1223962 for CVE-2022-48692",
"url": "https://bugzilla.suse.com/1223962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48692"
},
{
"cve": "CVE-2022-48693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs\n\nIn brcmstb_pm_probe(), there are two kinds of leak bugs:\n\n(1) we need to add of_node_put() when for_each__matching_node() breaks\n(2) we need to add iounmap() for each iomap in fail path",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48693",
"url": "https://www.suse.com/security/cve/CVE-2022-48693"
},
{
"category": "external",
"summary": "SUSE Bug 1223963 for CVE-2022-48693",
"url": "https://bugzilla.suse.com/1223963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48693"
},
{
"cve": "CVE-2022-48694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix drain SQ hang with no completion\n\nSW generated completions for outstanding WRs posted on SQ\nafter QP is in error target the wrong CQ. This causes the\nib_drain_sq to hang with no completion.\n\nFix this to generate completions on the right CQ.\n\n[ 863.969340] INFO: task kworker/u52:2:671 blocked for more than 122 seconds.\n[ 863.979224] Not tainted 5.14.0-130.el9.x86_64 #1\n[ 863.986588] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 863.996997] task:kworker/u52:2 state:D stack: 0 pid: 671 ppid: 2 flags:0x00004000\n[ 864.007272] Workqueue: xprtiod xprt_autoclose [sunrpc]\n[ 864.014056] Call Trace:\n[ 864.017575] __schedule+0x206/0x580\n[ 864.022296] schedule+0x43/0xa0\n[ 864.026736] schedule_timeout+0x115/0x150\n[ 864.032185] __wait_for_common+0x93/0x1d0\n[ 864.037717] ? usleep_range_state+0x90/0x90\n[ 864.043368] __ib_drain_sq+0xf6/0x170 [ib_core]\n[ 864.049371] ? __rdma_block_iter_next+0x80/0x80 [ib_core]\n[ 864.056240] ib_drain_sq+0x66/0x70 [ib_core]\n[ 864.062003] rpcrdma_xprt_disconnect+0x82/0x3b0 [rpcrdma]\n[ 864.069365] ? xprt_prepare_transmit+0x5d/0xc0 [sunrpc]\n[ 864.076386] xprt_rdma_close+0xe/0x30 [rpcrdma]\n[ 864.082593] xprt_autoclose+0x52/0x100 [sunrpc]\n[ 864.088718] process_one_work+0x1e8/0x3c0\n[ 864.094170] worker_thread+0x50/0x3b0\n[ 864.099109] ? rescuer_thread+0x370/0x370\n[ 864.104473] kthread+0x149/0x170\n[ 864.109022] ? set_kthread_struct+0x40/0x40\n[ 864.114713] ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48694",
"url": "https://www.suse.com/security/cve/CVE-2022-48694"
},
{
"category": "external",
"summary": "SUSE Bug 1223964 for CVE-2022-48694",
"url": "https://bugzilla.suse.com/1223964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48694"
},
{
"cve": "CVE-2022-48695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix use-after-free warning\n\nFix the following use-after-free warning which is observed during\ncontroller reset:\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 23 PID: 5399 at lib/refcount.c:28 refcount_warn_saturate+0xa6/0xf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48695",
"url": "https://www.suse.com/security/cve/CVE-2022-48695"
},
{
"category": "external",
"summary": "SUSE Bug 1223941 for CVE-2022-48695",
"url": "https://bugzilla.suse.com/1223941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48695"
},
{
"cve": "CVE-2022-48697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: fix a use-after-free\n\nFix the following use-after-free complaint triggered by blktests nvme/004:\n\nBUG: KASAN: user-memory-access in blk_mq_complete_request_remote+0xac/0x350\nRead of size 4 at addr 0000607bd1835943 by task kworker/13:1/460\nWorkqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\nCall Trace:\n show_stack+0x52/0x58\n dump_stack_lvl+0x49/0x5e\n print_report.cold+0x36/0x1e2\n kasan_report+0xb9/0xf0\n __asan_load4+0x6b/0x80\n blk_mq_complete_request_remote+0xac/0x350\n nvme_loop_queue_response+0x1df/0x275 [nvme_loop]\n __nvmet_req_complete+0x132/0x4f0 [nvmet]\n nvmet_req_complete+0x15/0x40 [nvmet]\n nvmet_execute_io_connect+0x18a/0x1f0 [nvmet]\n nvme_loop_execute_work+0x20/0x30 [nvme_loop]\n process_one_work+0x56e/0xa70\n worker_thread+0x2d1/0x640\n kthread+0x183/0x1c0\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48697",
"url": "https://www.suse.com/security/cve/CVE-2022-48697"
},
{
"category": "external",
"summary": "SUSE Bug 1223922 for CVE-2022-48697",
"url": "https://bugzilla.suse.com/1223922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48697"
},
{
"cve": "CVE-2022-48698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix memory leak when using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. Fix this up by properly\ncalling dput().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48698",
"url": "https://www.suse.com/security/cve/CVE-2022-48698"
},
{
"category": "external",
"summary": "SUSE Bug 1223956 for CVE-2022-48698",
"url": "https://bugzilla.suse.com/1223956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48698"
},
{
"cve": "CVE-2022-48699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/debug: fix dentry leak in update_sched_domain_debugfs\n\nKuyo reports that the pattern of using debugfs_remove(debugfs_lookup())\nleaks a dentry and with a hotplug stress test, the machine eventually\nruns out of memory.\n\nFix this up by using the newly created debugfs_lookup_and_remove() call\ninstead which properly handles the dentry reference counting logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48699",
"url": "https://www.suse.com/security/cve/CVE-2022-48699"
},
{
"category": "external",
"summary": "SUSE Bug 1223996 for CVE-2022-48699",
"url": "https://bugzilla.suse.com/1223996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48699"
},
{
"cve": "CVE-2022-48700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48700"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48700",
"url": "https://www.suse.com/security/cve/CVE-2022-48700"
},
{
"category": "external",
"summary": "SUSE Bug 1223957 for CVE-2022-48700",
"url": "https://bugzilla.suse.com/1223957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48700"
},
{
"cve": "CVE-2022-48701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it\u0027s interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48701",
"url": "https://www.suse.com/security/cve/CVE-2022-48701"
},
{
"category": "external",
"summary": "SUSE Bug 1223921 for CVE-2022-48701",
"url": "https://bugzilla.suse.com/1223921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2022-48701"
},
{
"cve": "CVE-2022-48702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()\n\nThe voice allocator sometimes begins allocating from near the end of the\narray and then wraps around, however snd_emu10k1_pcm_channel_alloc()\naccesses the newly allocated voices as if it never wrapped around.\n\nThis results in out of bounds access if the first voice has a high enough\nindex so that first_voice + requested_voice_count \u003e NUM_G (64).\nThe more voices are requested, the more likely it is for this to occur.\n\nThis was initially discovered using PipeWire, however it can be reproduced\nby calling aplay multiple times with 16 channels:\naplay -r 48000 -D plughw:CARD=Live,DEV=3 -c 16 /dev/zero\n\nUBSAN: array-index-out-of-bounds in sound/pci/emu10k1/emupcm.c:127:40\nindex 65 is out of range for type \u0027snd_emu10k1_voice [64]\u0027\nCPU: 1 PID: 31977 Comm: aplay Tainted: G W IOE 6.0.0-rc2-emu10k1+ #7\nHardware name: ASUSTEK COMPUTER INC P5W DH Deluxe/P5W DH Deluxe, BIOS 3002 07/22/2010\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\nubsan_epilogue+0x9/0x3f\n__ubsan_handle_out_of_bounds.cold+0x44/0x49\nsnd_emu10k1_playback_hw_params+0x3bc/0x420 [snd_emu10k1]\nsnd_pcm_hw_params+0x29f/0x600 [snd_pcm]\nsnd_pcm_common_ioctl+0x188/0x1410 [snd_pcm]\n? exit_to_user_mode_prepare+0x35/0x170\n? do_syscall_64+0x69/0x90\n? syscall_exit_to_user_mode+0x26/0x50\n? do_syscall_64+0x69/0x90\n? exit_to_user_mode_prepare+0x35/0x170\nsnd_pcm_ioctl+0x27/0x40 [snd_pcm]\n__x64_sys_ioctl+0x95/0xd0\ndo_syscall_64+0x5c/0x90\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48702",
"url": "https://www.suse.com/security/cve/CVE-2022-48702"
},
{
"category": "external",
"summary": "SUSE Bug 1223923 for CVE-2022-48702",
"url": "https://bugzilla.suse.com/1223923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48702"
},
{
"cve": "CVE-2022-48703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR\n\nIn some case, the GDDV returns a package with a buffer which has\nzero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).\n\nThen the data_vault_read() got NULL point dereference problem when\naccessing the 0x10 value in data_vault.\n\n[ 71.024560] BUG: kernel NULL pointer dereference, address:\n0000000000000010\n\nThis patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or\nNULL value in data_vault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48703",
"url": "https://www.suse.com/security/cve/CVE-2022-48703"
},
{
"category": "external",
"summary": "SUSE Bug 1223924 for CVE-2022-48703",
"url": "https://bugzilla.suse.com/1223924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48703"
},
{
"cve": "CVE-2022-48704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: add a force flush to delay work when radeon\n\nAlthough radeon card fence and wait for gpu to finish processing current batch rings,\nthere is still a corner case that radeon lockup work queue may not be fully flushed,\nand meanwhile the radeon_suspend_kms() function has called pci_set_power_state() to\nput device in D3hot state.\nPer PCI spec rev 4.0 on 5.3.1.4.1 D3hot State.\n\u003e Configuration and Message requests are the only TLPs accepted by a Function in\n\u003e the D3hot state. All other received Requests must be handled as Unsupported Requests,\n\u003e and all received Completions may optionally be handled as Unexpected Completions.\nThis issue will happen in following logs:\nUnable to handle kernel paging request at virtual address 00008800e0008010\nCPU 0 kworker/0:3(131): Oops 0\npc = [\u003cffffffff811bea5c\u003e] ra = [\u003cffffffff81240844\u003e] ps = 0000 Tainted: G W\npc is at si_gpu_check_soft_reset+0x3c/0x240\nra is at si_dma_is_lockup+0x34/0xd0\nv0 = 0000000000000000 t0 = fff08800e0008010 t1 = 0000000000010000\nt2 = 0000000000008010 t3 = fff00007e3c00000 t4 = fff00007e3c00258\nt5 = 000000000000ffff t6 = 0000000000000001 t7 = fff00007ef078000\ns0 = fff00007e3c016e8 s1 = fff00007e3c00000 s2 = fff00007e3c00018\ns3 = fff00007e3c00000 s4 = fff00007fff59d80 s5 = 0000000000000000\ns6 = fff00007ef07bd98\na0 = fff00007e3c00000 a1 = fff00007e3c016e8 a2 = 0000000000000008\na3 = 0000000000000001 a4 = 8f5c28f5c28f5c29 a5 = ffffffff810f4338\nt8 = 0000000000000275 t9 = ffffffff809b66f8 t10 = ff6769c5d964b800\nt11= 000000000000b886 pv = ffffffff811bea20 at = 0000000000000000\ngp = ffffffff81d89690 sp = 00000000aa814126\nDisabling lock debugging due to kernel taint\nTrace:\n[\u003cffffffff81240844\u003e] si_dma_is_lockup+0x34/0xd0\n[\u003cffffffff81119610\u003e] radeon_fence_check_lockup+0xd0/0x290\n[\u003cffffffff80977010\u003e] process_one_work+0x280/0x550\n[\u003cffffffff80977350\u003e] worker_thread+0x70/0x7c0\n[\u003cffffffff80977410\u003e] worker_thread+0x130/0x7c0\n[\u003cffffffff80982040\u003e] kthread+0x200/0x210\n[\u003cffffffff809772e0\u003e] worker_thread+0x0/0x7c0\n[\u003cffffffff80981f8c\u003e] kthread+0x14c/0x210\n[\u003cffffffff80911658\u003e] ret_from_kernel_thread+0x18/0x20\n[\u003cffffffff80981e40\u003e] kthread+0x0/0x210\n Code: ad3e0008 43f0074a ad7e0018 ad9e0020 8c3001e8 40230101\n \u003c88210000\u003e 4821ed21\nSo force lockup work queue flush to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48704",
"url": "https://www.suse.com/security/cve/CVE-2022-48704"
},
{
"category": "external",
"summary": "SUSE Bug 1223932 for CVE-2022-48704",
"url": "https://bugzilla.suse.com/1223932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2022-48704"
},
{
"cve": "CVE-2023-2860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2860"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2860",
"url": "https://www.suse.com/security/cve/CVE-2023-2860"
},
{
"category": "external",
"summary": "SUSE Bug 1211592 for CVE-2023-2860",
"url": "https://bugzilla.suse.com/1211592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-2860"
},
{
"cve": "CVE-2023-52585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()\n\nReturn invalid error code -EINVAL for invalid block id.\n\nFixes the below:\n\ndrivers/gpu/drm/amd/amdgpu/amdgpu_ras.c:1183 amdgpu_ras_query_error_status_helper() error: we previously assumed \u0027info\u0027 could be null (see line 1176)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52585",
"url": "https://www.suse.com/security/cve/CVE-2023-52585"
},
{
"category": "external",
"summary": "SUSE Bug 1221080 for CVE-2023-52585",
"url": "https://bugzilla.suse.com/1221080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52585"
},
{
"cve": "CVE-2023-52589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52589"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ disable race issue\n\nIn rkisp1_isp_stop() and rkisp1_csi_disable() the driver masks the\ninterrupts and then apparently assumes that the interrupt handler won\u0027t\nbe running, and proceeds in the stop procedure. This is not the case, as\nthe interrupt handler can already be running, which would lead to the\nISP being disabled while the interrupt handler handling a captured\nframe.\n\nThis brings up two issues: 1) the ISP could be powered off while the\ninterrupt handler is still running and accessing registers, leading to\nboard lockup, and 2) the interrupt handler code and the code that\ndisables the streaming might do things that conflict.\n\nIt is not clear to me if 2) causes a real issue, but 1) can be seen with\na suitable delay (or printk in my case) in the interrupt handler,\nleading to board lockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52589",
"url": "https://www.suse.com/security/cve/CVE-2023-52589"
},
{
"category": "external",
"summary": "SUSE Bug 1221084 for CVE-2023-52589",
"url": "https://bugzilla.suse.com/1221084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52589"
},
{
"cve": "CVE-2023-52590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change ocfs2 rename code to avoid touching renamed directory if\nits parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52590",
"url": "https://www.suse.com/security/cve/CVE-2023-52590"
},
{
"category": "external",
"summary": "SUSE Bug 1221088 for CVE-2023-52590",
"url": "https://bugzilla.suse.com/1221088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52590"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52593"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()\n\nSince \u0027ieee80211_beacon_get()\u0027 can return NULL, \u0027wfx_set_mfp_ap()\u0027\nshould check the return value before examining skb data. So convert\nthe latter to return an appropriate error code and propagate it to\nreturn from \u0027wfx_start_ap()\u0027 as well. Compile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52593",
"url": "https://www.suse.com/security/cve/CVE-2023-52593"
},
{
"category": "external",
"summary": "SUSE Bug 1221042 for CVE-2023-52593",
"url": "https://bugzilla.suse.com/1221042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52593"
},
{
"cve": "CVE-2023-52614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix buffer overflow in trans_stat_show\n\nFix buffer overflow in trans_stat_show().\n\nConvert simple snprintf to the more secure scnprintf with size of\nPAGE_SIZE.\n\nAdd condition checking if we are exceeding PAGE_SIZE and exit early from\nloop. Also add at the end a warning that we exceeded PAGE_SIZE and that\nstats is disabled.\n\nReturn -EFBIG in the case where we don\u0027t have enough space to write the\nfull transition table.\n\nAlso document in the ABI that this function can return -EFBIG error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52614",
"url": "https://www.suse.com/security/cve/CVE-2023-52614"
},
{
"category": "external",
"summary": "SUSE Bug 1221617 for CVE-2023-52614",
"url": "https://bugzilla.suse.com/1221617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52614"
},
{
"cve": "CVE-2023-52616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52616",
"url": "https://www.suse.com/security/cve/CVE-2023-52616"
},
{
"category": "external",
"summary": "SUSE Bug 1221612 for CVE-2023-52616",
"url": "https://bugzilla.suse.com/1221612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52616"
},
{
"cve": "CVE-2023-52620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52620"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52620",
"url": "https://www.suse.com/security/cve/CVE-2023-52620"
},
{
"category": "external",
"summary": "SUSE Bug 1221825 for CVE-2023-52620",
"url": "https://bugzilla.suse.com/1221825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52620"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52645",
"url": "https://www.suse.com/security/cve/CVE-2023-52645"
},
{
"category": "external",
"summary": "SUSE Bug 1223033 for CVE-2023-52645",
"url": "https://bugzilla.suse.com/1223033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52645"
},
{
"cve": "CVE-2023-52646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm-\u003eioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52646",
"url": "https://www.suse.com/security/cve/CVE-2023-52646"
},
{
"category": "external",
"summary": "SUSE Bug 1223432 for CVE-2023-52646",
"url": "https://bugzilla.suse.com/1223432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52646"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-0841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0841"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference flaw was found in the hugetlbfs_fill_super function in the Linux kernel hugetlbfs (HugeTLB pages) functionality. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0841",
"url": "https://www.suse.com/security/cve/CVE-2024-0841"
},
{
"category": "external",
"summary": "SUSE Bug 1219264 for CVE-2024-0841",
"url": "https://bugzilla.suse.com/1219264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-0841"
},
{
"cve": "CVE-2024-2201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-2201"
}
],
"notes": [
{
"category": "general",
"text": "A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-2201",
"url": "https://www.suse.com/security/cve/CVE-2024-2201"
},
{
"category": "external",
"summary": "SUSE Bug 1212111 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1212111"
},
{
"category": "external",
"summary": "SUSE Bug 1217339 for CVE-2024-2201",
"url": "https://bugzilla.suse.com/1217339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-2201"
},
{
"cve": "CVE-2024-22099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-22099"
}
],
"notes": [
{
"category": "general",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-22099",
"url": "https://www.suse.com/security/cve/CVE-2024-22099"
},
{
"category": "external",
"summary": "SUSE Bug 1219170 for CVE-2024-22099",
"url": "https://bugzilla.suse.com/1219170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-23848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23848",
"url": "https://www.suse.com/security/cve/CVE-2024-23848"
},
{
"category": "external",
"summary": "SUSE Bug 1219104 for CVE-2024-23848",
"url": "https://bugzilla.suse.com/1219104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-23850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23850"
}
],
"notes": [
{
"category": "general",
"text": "In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23850",
"url": "https://www.suse.com/security/cve/CVE-2024-23850"
},
{
"category": "external",
"summary": "SUSE Bug 1219126 for CVE-2024-23850",
"url": "https://bugzilla.suse.com/1219126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-23850"
},
{
"cve": "CVE-2024-26601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: regenerate buddy after block freeing failed if under fc replay\n\nThis mostly reverts commit 6bd97bf273bd (\"ext4: remove redundant\nmb_regenerate_buddy()\") and reintroduces mb_regenerate_buddy(). Based on\ncode in mb_free_blocks(), fast commit replay can end up marking as free\nblocks that are already marked as such. This causes corruption of the\nbuddy bitmap so we need to regenerate it in that case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26601",
"url": "https://www.suse.com/security/cve/CVE-2024-26601"
},
{
"category": "external",
"summary": "SUSE Bug 1220342 for CVE-2024-26601",
"url": "https://bugzilla.suse.com/1220342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26601"
},
{
"cve": "CVE-2024-26610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26610",
"url": "https://www.suse.com/security/cve/CVE-2024-26610"
},
{
"category": "external",
"summary": "SUSE Bug 1221299 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221299"
},
{
"category": "external",
"summary": "SUSE Bug 1221302 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-26610"
},
{
"cve": "CVE-2024-26656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix use-after-free bug\n\nThe bug can be triggered by sending a single amdgpu_gem_userptr_ioctl\nto the AMDGPU DRM driver on any ASICs with an invalid address and size.\nThe bug was reported by Joonkyo Jung \u003cjoonkyoj@yonsei.ac.kr\u003e.\nFor example the following code:\n\nstatic void Syzkaller1(int fd)\n{\n\tstruct drm_amdgpu_gem_userptr arg;\n\tint ret;\n\n\targ.addr = 0xffffffffffff0000;\n\targ.size = 0x80000000; /*2 Gb*/\n\targ.flags = 0x7;\n\tret = drmIoctl(fd, 0xc1186451/*amdgpu_gem_userptr_ioctl*/, \u0026arg);\n}\n\nDue to the address and size are not valid there is a failure in\namdgpu_hmm_register-\u003emmu_interval_notifier_insert-\u003e__mmu_interval_notifier_insert-\u003e\ncheck_shl_overflow, but we even the amdgpu_hmm_register failure we still call\namdgpu_hmm_unregister into amdgpu_gem_object_free which causes access to a bad address.\nThe following stack is below when the issue is reproduced when Kazan is enabled:\n\n[ +0.000014] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[ +0.000009] RIP: 0010:mmu_interval_notifier_remove+0x327/0x340\n[ +0.000017] Code: ff ff 49 89 44 24 08 48 b8 00 01 00 00 00 00 ad de 4c 89 f7 49 89 47 40 48 83 c0 22 49 89 47 48 e8 ce d1 2d 01 e9 32 ff ff ff \u003c0f\u003e 0b e9 16 ff ff ff 4c 89 ef e8 fa 14 b3 ff e9 36 ff ff ff e8 80\n[ +0.000014] RSP: 0018:ffffc90002657988 EFLAGS: 00010246\n[ +0.000013] RAX: 0000000000000000 RBX: 1ffff920004caf35 RCX: ffffffff8160565b\n[ +0.000011] RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffff8881a9f78260\n[ +0.000010] RBP: ffffc90002657a70 R08: 0000000000000001 R09: fffff520004caf25\n[ +0.000010] R10: 0000000000000003 R11: ffffffff8161d1d6 R12: ffff88810e988c00\n[ +0.000010] R13: ffff888126fb5a00 R14: ffff88810e988c0c R15: ffff8881a9f78260\n[ +0.000011] FS: 00007ff9ec848540(0000) GS:ffff8883cc880000(0000) knlGS:0000000000000000\n[ +0.000012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000010] CR2: 000055b3f7e14328 CR3: 00000001b5770000 CR4: 0000000000350ef0\n[ +0.000010] Call Trace:\n[ +0.000006] \u003cTASK\u003e\n[ +0.000007] ? show_regs+0x6a/0x80\n[ +0.000018] ? __warn+0xa5/0x1b0\n[ +0.000019] ? mmu_interval_notifier_remove+0x327/0x340\n[ +0.000018] ? report_bug+0x24a/0x290\n[ +0.000022] ? handle_bug+0x46/0x90\n[ +0.000015] ? exc_invalid_op+0x19/0x50\n[ +0.000016] ? asm_exc_invalid_op+0x1b/0x20\n[ +0.000017] ? kasan_save_stack+0x26/0x50\n[ +0.000017] ? mmu_interval_notifier_remove+0x23b/0x340\n[ +0.000019] ? mmu_interval_notifier_remove+0x327/0x340\n[ +0.000019] ? mmu_interval_notifier_remove+0x23b/0x340\n[ +0.000020] ? __pfx_mmu_interval_notifier_remove+0x10/0x10\n[ +0.000017] ? kasan_save_alloc_info+0x1e/0x30\n[ +0.000018] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __kasan_kmalloc+0xb1/0xc0\n[ +0.000018] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? __kasan_check_read+0x11/0x20\n[ +0.000020] amdgpu_hmm_unregister+0x34/0x50 [amdgpu]\n[ +0.004695] amdgpu_gem_object_free+0x66/0xa0 [amdgpu]\n[ +0.004534] ? __pfx_amdgpu_gem_object_free+0x10/0x10 [amdgpu]\n[ +0.004291] ? do_syscall_64+0x5f/0xe0\n[ +0.000023] ? srso_return_thunk+0x5/0x5f\n[ +0.000017] drm_gem_object_free+0x3b/0x50 [drm]\n[ +0.000489] amdgpu_gem_userptr_ioctl+0x306/0x500 [amdgpu]\n[ +0.004295] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004270] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __this_cpu_preempt_check+0x13/0x20\n[ +0.000015] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? sysvec_apic_timer_interrupt+0x57/0xc0\n[ +0.000020] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20\n[ +0.000022] ? drm_ioctl_kernel+0x17b/0x1f0 [drm]\n[ +0.000496] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004272] ? drm_ioctl_kernel+0x190/0x1f0 [drm]\n[ +0.000492] drm_ioctl_kernel+0x140/0x1f0 [drm]\n[ +0.000497] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004297] ? __pfx_drm_ioctl_kernel+0x10/0x10 [d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26656",
"url": "https://www.suse.com/security/cve/CVE-2024-26656"
},
{
"category": "external",
"summary": "SUSE Bug 1222307 for CVE-2024-26656",
"url": "https://bugzilla.suse.com/1222307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26656"
},
{
"cve": "CVE-2024-26671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26671",
"url": "https://www.suse.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "SUSE Bug 1222357 for CVE-2024-26671",
"url": "https://bugzilla.suse.com/1222357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations\n\n- Disallow families other than NFPROTO_{IPV4,IPV6,INET}.\n- Disallow layer 4 protocol with no ports, since destination port is a\n mandatory attribute for this object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26673",
"url": "https://www.suse.com/security/cve/CVE-2024-26673"
},
{
"category": "external",
"summary": "SUSE Bug 1222368 for CVE-2024-26673",
"url": "https://bugzilla.suse.com/1222368"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26673"
},
{
"cve": "CVE-2024-26675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp_async: limit MRU to 64K\n\nsyzbot triggered a warning [1] in __alloc_pages():\n\nWARN_ON_ONCE_GFP(order \u003e MAX_PAGE_ORDER, gfp)\n\nWillem fixed a similar issue in commit c0a2a1b0d631 (\"ppp: limit MRU to 64K\")\n\nAdopt the same sanity check for ppp_async_ioctl(PPPIOCSMRU)\n\n[1]:\n\n WARNING: CPU: 1 PID: 11 at mm/page_alloc.c:4543 __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\nModules linked in:\nCPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.8.0-rc2-syzkaller-g41bccc98fb79 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: events_unbound flush_to_ldisc\npstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n lr : __alloc_pages+0xc8/0x698 mm/page_alloc.c:4537\nsp : ffff800093967580\nx29: ffff800093967660 x28: ffff8000939675a0 x27: dfff800000000000\nx26: ffff70001272ceb4 x25: 0000000000000000 x24: ffff8000939675c0\nx23: 0000000000000000 x22: 0000000000060820 x21: 1ffff0001272ceb8\nx20: ffff8000939675e0 x19: 0000000000000010 x18: ffff800093967120\nx17: ffff800083bded5c x16: ffff80008ac97500 x15: 0000000000000005\nx14: 1ffff0001272cebc x13: 0000000000000000 x12: 0000000000000000\nx11: ffff70001272cec1 x10: 1ffff0001272cec0 x9 : 0000000000000001\nx8 : ffff800091c91000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 00000000ffffffff x4 : 0000000000000000 x3 : 0000000000000020\nx2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff8000939675e0\nCall trace:\n __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n __kmalloc_large_node+0xbc/0x1fc mm/slub.c:3926\n __do_kmalloc_node mm/slub.c:3969 [inline]\n __kmalloc_node_track_caller+0x418/0x620 mm/slub.c:4001\n kmalloc_reserve+0x17c/0x23c net/core/skbuff.c:590\n __alloc_skb+0x1c8/0x3d8 net/core/skbuff.c:651\n __netdev_alloc_skb+0xb8/0x3e8 net/core/skbuff.c:715\n netdev_alloc_skb include/linux/skbuff.h:3235 [inline]\n dev_alloc_skb include/linux/skbuff.h:3248 [inline]\n ppp_async_input drivers/net/ppp/ppp_async.c:863 [inline]\n ppp_asynctty_receive+0x588/0x186c drivers/net/ppp/ppp_async.c:341\n tty_ldisc_receive_buf+0x12c/0x15c drivers/tty/tty_buffer.c:390\n tty_port_default_receive_buf+0x74/0xac drivers/tty/tty_port.c:37\n receive_buf drivers/tty/tty_buffer.c:444 [inline]\n flush_to_ldisc+0x284/0x6e4 drivers/tty/tty_buffer.c:494\n process_one_work+0x694/0x1204 kernel/workqueue.c:2633\n process_scheduled_works kernel/workqueue.c:2706 [inline]\n worker_thread+0x938/0xef4 kernel/workqueue.c:2787\n kthread+0x288/0x310 kernel/kthread.c:388\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26675",
"url": "https://www.suse.com/security/cve/CVE-2024-26675"
},
{
"category": "external",
"summary": "SUSE Bug 1222379 for CVE-2024-26675",
"url": "https://bugzilla.suse.com/1222379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26675"
},
{
"cve": "CVE-2024-26679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: read sk-\u003esk_family once in inet_recv_error()\n\ninet_recv_error() is called without holding the socket lock.\n\nIPv6 socket could mutate to IPv4 with IPV6_ADDRFORM\nsocket option and trigger a KCSAN warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26679",
"url": "https://www.suse.com/security/cve/CVE-2024-26679"
},
{
"category": "external",
"summary": "SUSE Bug 1222385 for CVE-2024-26679",
"url": "https://bugzilla.suse.com/1222385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26679"
},
{
"cve": "CVE-2024-26687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/events: close evtchn after mapping cleanup\n\nshutdown_pirq and startup_pirq are not taking the\nirq_mapping_update_lock because they can\u0027t due to lock inversion. Both\nare called with the irq_desc-\u003elock being taking. The lock order,\nhowever, is first irq_mapping_update_lock and then irq_desc-\u003elock.\n\nThis opens multiple races:\n- shutdown_pirq can be interrupted by a function that allocates an event\n channel:\n\n CPU0 CPU1\n shutdown_pirq {\n xen_evtchn_close(e)\n __startup_pirq {\n EVTCHNOP_bind_pirq\n -\u003e returns just freed evtchn e\n set_evtchn_to_irq(e, irq)\n }\n xen_irq_info_cleanup() {\n set_evtchn_to_irq(e, -1)\n }\n }\n\n Assume here event channel e refers here to the same event channel\n number.\n After this race the evtchn_to_irq mapping for e is invalid (-1).\n\n- __startup_pirq races with __unbind_from_irq in a similar way. Because\n __startup_pirq doesn\u0027t take irq_mapping_update_lock it can grab the\n evtchn that __unbind_from_irq is currently freeing and cleaning up. In\n this case even though the event channel is allocated, its mapping can\n be unset in evtchn_to_irq.\n\nThe fix is to first cleanup the mappings and then close the event\nchannel. In this way, when an event channel gets allocated it\u0027s\npotential previous evtchn_to_irq mappings are guaranteed to be unset already.\nThis is also the reverse order of the allocation where first the event\nchannel is allocated and then the mappings are setup.\n\nOn a 5.10 kernel prior to commit 3fcdaf3d7634 (\"xen/events: modify internal\n[un]bind interfaces\"), we hit a BUG like the following during probing of NVMe\ndevices. The issue is that during nvme_setup_io_queues, pci_free_irq\nis called for every device which results in a call to shutdown_pirq.\nWith many nvme devices it\u0027s therefore likely to hit this race during\nboot because there will be multiple calls to shutdown_pirq and\nstartup_pirq are running potentially in parallel.\n\n ------------[ cut here ]------------\n blkfront: xvda: barrier or flush: disabled; persistent grants: enabled; indirect descriptors: enabled; bounce buffer: enabled\n kernel BUG at drivers/xen/events/events_base.c:499!\n invalid opcode: 0000 [#1] SMP PTI\n CPU: 44 PID: 375 Comm: kworker/u257:23 Not tainted 5.10.201-191.748.amzn2.x86_64 #1\n Hardware name: Xen HVM domU, BIOS 4.11.amazon 08/24/2006\n Workqueue: nvme-reset-wq nvme_reset_work\n RIP: 0010:bind_evtchn_to_cpu+0xdf/0xf0\n Code: 5d 41 5e c3 cc cc cc cc 44 89 f7 e8 2b 55 ad ff 49 89 c5 48 85 c0 0f 84 64 ff ff ff 4c 8b 68 30 41 83 fe ff 0f 85 60 ff ff ff \u003c0f\u003e 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 0f 1f 44 00 00\n RSP: 0000:ffffc9000d533b08 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000006\n RDX: 0000000000000028 RSI: 00000000ffffffff RDI: 00000000ffffffff\n RBP: ffff888107419680 R08: 0000000000000000 R09: ffffffff82d72b00\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000001ed\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffff88bc8b500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000002610001 CR4: 00000000001706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? show_trace_log_lvl+0x1c1/0x2d9\n ? set_affinity_irq+0xdc/0x1c0\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0x90/0x110\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? do_error_trap+0x65/0x80\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? exc_invalid_op+0x4e/0x70\n ? bind_evtchn_to_cpu+0xdf/0xf0\n ? asm_exc_invalid_op+0x12/0x20\n ? bind_evtchn_to_cpu+0xdf/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26687",
"url": "https://www.suse.com/security/cve/CVE-2024-26687"
},
{
"category": "external",
"summary": "SUSE Bug 1222435 for CVE-2024-26687",
"url": "https://bugzilla.suse.com/1222435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26687"
},
{
"cve": "CVE-2024-26688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super\n\nWhen configuring a hugetlb filesystem via the fsconfig() syscall, there is\na possible NULL dereference in hugetlbfs_fill_super() caused by assigning\nNULL to ctx-\u003ehstate in hugetlbfs_parse_param() when the requested pagesize\nis non valid.\n\nE.g: Taking the following steps:\n\n fd = fsopen(\"hugetlbfs\", FSOPEN_CLOEXEC);\n fsconfig(fd, FSCONFIG_SET_STRING, \"pagesize\", \"1024\", 0);\n fsconfig(fd, FSCONFIG_CMD_CREATE, NULL, NULL, 0);\n\nGiven that the requested \"pagesize\" is invalid, ctxt-\u003ehstate will be replaced\nwith NULL, losing its previous value, and we will print an error:\n\n ...\n ...\n case Opt_pagesize:\n ps = memparse(param-\u003estring, \u0026rest);\n ctx-\u003ehstate = h;\n if (!ctx-\u003ehstate) {\n pr_err(\"Unsupported page size %lu MB\\n\", ps / SZ_1M);\n return -EINVAL;\n }\n return 0;\n ...\n ...\n\nThis is a problem because later on, we will dereference ctxt-\u003ehstate in\nhugetlbfs_fill_super()\n\n ...\n ...\n sb-\u003es_blocksize = huge_page_size(ctx-\u003ehstate);\n ...\n ...\n\nCausing below Oops.\n\nFix this by replacing cxt-\u003ehstate value only when then pagesize is known\nto be valid.\n\n kernel: hugetlbfs: Unsupported page size 0 MB\n kernel: BUG: kernel NULL pointer dereference, address: 0000000000000028\n kernel: #PF: supervisor read access in kernel mode\n kernel: #PF: error_code(0x0000) - not-present page\n kernel: PGD 800000010f66c067 P4D 800000010f66c067 PUD 1b22f8067 PMD 0\n kernel: Oops: 0000 [#1] PREEMPT SMP PTI\n kernel: CPU: 4 PID: 5659 Comm: syscall Tainted: G E 6.8.0-rc2-default+ #22 5a47c3fef76212addcc6eb71344aabc35190ae8f\n kernel: Hardware name: Intel Corp. GROVEPORT/GROVEPORT, BIOS GVPRCRB1.86B.0016.D04.1705030402 05/03/2017\n kernel: RIP: 0010:hugetlbfs_fill_super+0xb4/0x1a0\n kernel: Code: 48 8b 3b e8 3e c6 ed ff 48 85 c0 48 89 45 20 0f 84 d6 00 00 00 48 b8 ff ff ff ff ff ff ff 7f 4c 89 e7 49 89 44 24 20 48 8b 03 \u003c8b\u003e 48 28 b8 00 10 00 00 48 d3 e0 49 89 44 24 18 48 8b 03 8b 40 28\n kernel: RSP: 0018:ffffbe9960fcbd48 EFLAGS: 00010246\n kernel: RAX: 0000000000000000 RBX: ffff9af5272ae780 RCX: 0000000000372004\n kernel: RDX: ffffffffffffffff RSI: ffffffffffffffff RDI: ffff9af555e9b000\n kernel: RBP: ffff9af52ee66b00 R08: 0000000000000040 R09: 0000000000370004\n kernel: R10: ffffbe9960fcbd48 R11: 0000000000000040 R12: ffff9af555e9b000\n kernel: R13: ffffffffa66b86c0 R14: ffff9af507d2f400 R15: ffff9af507d2f400\n kernel: FS: 00007ffbc0ba4740(0000) GS:ffff9b0bd7000000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 0000000000000028 CR3: 00000001b1ee0000 CR4: 00000000001506f0\n kernel: Call Trace:\n kernel: \u003cTASK\u003e\n kernel: ? __die_body+0x1a/0x60\n kernel: ? page_fault_oops+0x16f/0x4a0\n kernel: ? search_bpf_extables+0x65/0x70\n kernel: ? fixup_exception+0x22/0x310\n kernel: ? exc_page_fault+0x69/0x150\n kernel: ? asm_exc_page_fault+0x22/0x30\n kernel: ? __pfx_hugetlbfs_fill_super+0x10/0x10\n kernel: ? hugetlbfs_fill_super+0xb4/0x1a0\n kernel: ? hugetlbfs_fill_super+0x28/0x1a0\n kernel: ? __pfx_hugetlbfs_fill_super+0x10/0x10\n kernel: vfs_get_super+0x40/0xa0\n kernel: ? __pfx_bpf_lsm_capable+0x10/0x10\n kernel: vfs_get_tree+0x25/0xd0\n kernel: vfs_cmd_create+0x64/0xe0\n kernel: __x64_sys_fsconfig+0x395/0x410\n kernel: do_syscall_64+0x80/0x160\n kernel: ? syscall_exit_to_user_mode+0x82/0x240\n kernel: ? do_syscall_64+0x8d/0x160\n kernel: ? syscall_exit_to_user_mode+0x82/0x240\n kernel: ? do_syscall_64+0x8d/0x160\n kernel: ? exc_page_fault+0x69/0x150\n kernel: entry_SYSCALL_64_after_hwframe+0x6e/0x76\n kernel: RIP: 0033:0x7ffbc0cb87c9\n kernel: Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 97 96 0d 00 f7 d8 64 89 01 48\n kernel: RSP: 002b:00007ffc29d2f388 EFLAGS: 00000206 ORIG_RAX: 00000000000001af\n kernel: RAX: fffffffffff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26688",
"url": "https://www.suse.com/security/cve/CVE-2024-26688"
},
{
"category": "external",
"summary": "SUSE Bug 1222482 for CVE-2024-26688",
"url": "https://bugzilla.suse.com/1222482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26688"
},
{
"cve": "CVE-2024-26700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix MST Null Ptr for RV\n\nThe change try to fix below error specific to RV platform:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2\nHardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022\nRIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\nCode: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 \u003c48\u003e 8\u003e\nRSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\nRDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\nRBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\nR10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\nR13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\nFS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? plist_add+0xbe/0x100\n ? exc_page_fault+0x7c/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n drm_atomic_check_only+0x5c5/0xa40\n drm_mode_atomic_ioctl+0x76e/0xbc0\n ? _copy_to_user+0x25/0x30\n ? drm_ioctl+0x296/0x4b0\n ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n drm_ioctl_kernel+0xcd/0x170\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_atomic_ioctl+0x10/0x10\n amdgpu_drm_ioctl+0x4e/0x90 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x60/0x90\n ? do_syscall_64+0x6c/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7f4dad17f76f\nCode: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 \u003c89\u003e c\u003e\nRSP: 002b:00007ffd9ae859f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055e255a55900 RCX: 00007f4dad17f76f\nRDX: 00007ffd9ae85a90 RSI: 00000000c03864bc RDI: 000000000000000b\nRBP: 00007ffd9ae85a90 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000000 R11: 0000000000000246 R12: 00000000c03864bc\nR13: 000000000000000b R14: 000055e255a7fc60 R15: 000055e255a01eb0\n \u003c/TASK\u003e\nModules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device ccm cmac algif_hash algif_skcipher af_alg joydev mousedev bnep \u003e\n typec libphy k10temp ipmi_msghandler roles i2c_scmi acpi_cpufreq mac_hid nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_mas\u003e\nCR2: 0000000000000008\n---[ end trace 0000000000000000 ]---\nRIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\nCode: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 \u003c48\u003e 8\u003e\nRSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\nRDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\nRBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\nR10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\nR13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\nFS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26700",
"url": "https://www.suse.com/security/cve/CVE-2024-26700"
},
{
"category": "external",
"summary": "SUSE Bug 1222870 for CVE-2024-26700",
"url": "https://bugzilla.suse.com/1222870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26700"
},
{
"cve": "CVE-2024-26702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC\n\nRecently, we encounter kernel crash in function rm3100_common_probe\ncaused by out of bound access of array rm3100_samp_rates (because of\nunderlying hardware failures). Add boundary check to prevent out of\nbound access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26702",
"url": "https://www.suse.com/security/cve/CVE-2024-26702"
},
{
"category": "external",
"summary": "SUSE Bug 1222424 for CVE-2024-26702",
"url": "https://bugzilla.suse.com/1222424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26702"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio\n\nIf kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the\nfollowing kernel warning appears:\n\nWARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8\nCall trace:\n kiocb_set_cancel_fn+0x9c/0xa8\n ffs_epfile_read_iter+0x144/0x1d0\n io_read+0x19c/0x498\n io_issue_sqe+0x118/0x27c\n io_submit_sqes+0x25c/0x5fc\n __arm64_sys_io_uring_enter+0x104/0xab0\n invoke_syscall+0x58/0x11c\n el0_svc_common+0xb4/0xf4\n do_el0_svc+0x2c/0xb0\n el0_svc+0x2c/0xa4\n el0t_64_sync_handler+0x68/0xb4\n el0t_64_sync+0x1a4/0x1a8\n\nFix this by setting the IOCB_AIO_RW flag for read and write I/O that is\nsubmitted by libaio.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26764",
"url": "https://www.suse.com/security/cve/CVE-2024-26764"
},
{
"category": "external",
"summary": "SUSE Bug 1222721 for CVE-2024-26764",
"url": "https://bugzilla.suse.com/1222721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26764"
},
{
"cve": "CVE-2024-26766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Fix sdma.h tx-\u003enum_descs off-by-one error\n\nUnfortunately the commit `fd8958efe877` introduced another error\ncausing the `descs` array to overflow. This reults in further crashes\neasily reproducible by `sendmsg` system call.\n\n[ 1080.836473] general protection fault, probably for non-canonical address 0x400300015528b00a: 0000 [#1] PREEMPT SMP PTI\n[ 1080.869326] RIP: 0010:hfi1_ipoib_build_ib_tx_headers.constprop.0+0xe1/0x2b0 [hfi1]\n--\n[ 1080.974535] Call Trace:\n[ 1080.976990] \u003cTASK\u003e\n[ 1081.021929] hfi1_ipoib_send_dma_common+0x7a/0x2e0 [hfi1]\n[ 1081.027364] hfi1_ipoib_send_dma_list+0x62/0x270 [hfi1]\n[ 1081.032633] hfi1_ipoib_send+0x112/0x300 [hfi1]\n[ 1081.042001] ipoib_start_xmit+0x2a9/0x2d0 [ib_ipoib]\n[ 1081.046978] dev_hard_start_xmit+0xc4/0x210\n--\n[ 1081.148347] __sys_sendmsg+0x59/0xa0\n\ncrash\u003e ipoib_txreq 0xffff9cfeba229f00\nstruct ipoib_txreq {\n txreq = {\n list = {\n next = 0xffff9cfeba229f00,\n prev = 0xffff9cfeba229f00\n },\n descp = 0xffff9cfeba229f40,\n coalesce_buf = 0x0,\n wait = 0xffff9cfea4e69a48,\n complete = 0xffffffffc0fe0760 \u003chfi1_ipoib_sdma_complete\u003e,\n packet_len = 0x46d,\n tlen = 0x0,\n num_desc = 0x0,\n desc_limit = 0x6,\n next_descq_idx = 0x45c,\n coalesce_idx = 0x0,\n flags = 0x0,\n descs = {{\n qw = {0x8024000120dffb00, 0x4} # SDMA_DESC0_FIRST_DESC_FLAG (bit 63)\n }, {\n qw = { 0x3800014231b108, 0x4}\n }, {\n qw = { 0x310000e4ee0fcf0, 0x8}\n }, {\n qw = { 0x3000012e9f8000, 0x8}\n }, {\n qw = { 0x59000dfb9d0000, 0x8}\n }, {\n qw = { 0x78000e02e40000, 0x8}\n }}\n },\n sdma_hdr = 0x400300015528b000, \u003c\u003c\u003c invalid pointer in the tx request structure\n sdma_status = 0x0, SDMA_DESC0_LAST_DESC_FLAG (bit 62)\n complete = 0x0,\n priv = 0x0,\n txq = 0xffff9cfea4e69880,\n skb = 0xffff9d099809f400\n}\n\nIf an SDMA send consists of exactly 6 descriptors and requires dword\npadding (in the 7th descriptor), the sdma_txreq descriptor array is not\nproperly expanded and the packet will overflow into the container\nstructure. This results in a panic when the send completion runs. The\nexact panic varies depending on what elements of the container structure\nget corrupted. The fix is to use the correct expression in\n_pad_sdma_tx_descs() to test the need to expand the descriptor array.\n\nWith this patch the crashes are no longer reproducible and the machine is\nstable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26766",
"url": "https://www.suse.com/security/cve/CVE-2024-26766"
},
{
"category": "external",
"summary": "SUSE Bug 1222726 for CVE-2024-26766",
"url": "https://bugzilla.suse.com/1222726"
},
{
"category": "external",
"summary": "SUSE Bug 1222882 for CVE-2024-26766",
"url": "https://bugzilla.suse.com/1222882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-26766"
},
{
"cve": "CVE-2024-26772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26772",
"url": "https://www.suse.com/security/cve/CVE-2024-26772"
},
{
"category": "external",
"summary": "SUSE Bug 1222613 for CVE-2024-26772",
"url": "https://bugzilla.suse.com/1222613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26773",
"url": "https://www.suse.com/security/cve/CVE-2024-26773"
},
{
"category": "external",
"summary": "SUSE Bug 1222618 for CVE-2024-26773",
"url": "https://bugzilla.suse.com/1222618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index\n\nWith numa balancing on, when a numa system is running where a numa node\ndoesn\u0027t have its local memory so it has no managed zones, the following\noops has been observed. It\u0027s because wakeup_kswapd() is called with a\nwrong zone index, -1. Fixed it by checking the index before calling\nwakeup_kswapd().\n\n\u003e BUG: unable to handle page fault for address: 00000000000033f3\n\u003e #PF: supervisor read access in kernel mode\n\u003e #PF: error_code(0x0000) - not-present page\n\u003e PGD 0 P4D 0\n\u003e Oops: 0000 [#1] PREEMPT SMP NOPTI\n\u003e CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255\n\u003e Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n\u003e rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n\u003e RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812)\n\u003e Code: (omitted)\n\u003e RSP: 0000:ffffc90004257d58 EFLAGS: 00010286\n\u003e RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003\n\u003e RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480\n\u003e RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff\n\u003e R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003\n\u003e R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940\n\u003e FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000\n\u003e CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\u003e CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0\n\u003e DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n\u003e DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\u003e PKRU: 55555554\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e ? __die\n\u003e ? page_fault_oops\n\u003e ? __pte_offset_map_lock\n\u003e ? exc_page_fault\n\u003e ? asm_exc_page_fault\n\u003e ? wakeup_kswapd\n\u003e migrate_misplaced_page\n\u003e __handle_mm_fault\n\u003e handle_mm_fault\n\u003e do_user_addr_fault\n\u003e exc_page_fault\n\u003e asm_exc_page_fault\n\u003e RIP: 0033:0x55b897ba0808\n\u003e Code: (omitted)\n\u003e RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287\n\u003e RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0\n\u003e RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0\n\u003e RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075\n\u003e R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n\u003e R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000\n\u003e \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26783",
"url": "https://www.suse.com/security/cve/CVE-2024-26783"
},
{
"category": "external",
"summary": "SUSE Bug 1222615 for CVE-2024-26783",
"url": "https://bugzilla.suse.com/1222615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26783"
},
{
"cve": "CVE-2024-26791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere\u0027s a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26791",
"url": "https://www.suse.com/security/cve/CVE-2024-26791"
},
{
"category": "external",
"summary": "SUSE Bug 1222793 for CVE-2024-26791",
"url": "https://bugzilla.suse.com/1222793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix double free of anonymous device after snapshot creation failure\n\nWhen creating a snapshot we may do a double free of an anonymous device\nin case there\u0027s an error committing the transaction. The second free may\nresult in freeing an anonymous device number that was allocated by some\nother subsystem in the kernel or another btrfs filesystem.\n\nThe steps that lead to this:\n\n1) At ioctl.c:create_snapshot() we allocate an anonymous device number\n and assign it to pending_snapshot-\u003eanon_dev;\n\n2) Then we call btrfs_commit_transaction() and end up at\n transaction.c:create_pending_snapshot();\n\n3) There we call btrfs_get_new_fs_root() and pass it the anonymous device\n number stored in pending_snapshot-\u003eanon_dev;\n\n4) btrfs_get_new_fs_root() frees that anonymous device number because\n btrfs_lookup_fs_root() returned a root - someone else did a lookup\n of the new root already, which could some task doing backref walking;\n\n5) After that some error happens in the transaction commit path, and at\n ioctl.c:create_snapshot() we jump to the \u0027fail\u0027 label, and after\n that we free again the same anonymous device number, which in the\n meanwhile may have been reallocated somewhere else, because\n pending_snapshot-\u003eanon_dev still has the same value as in step 1.\n\nRecently syzbot ran into this and reported the following trace:\n\n ------------[ cut here ]------------\n ida_free called for id=51 which is not allocated.\n WARNING: CPU: 1 PID: 31038 at lib/idr.c:525 ida_free+0x370/0x420 lib/idr.c:525\n Modules linked in:\n CPU: 1 PID: 31038 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-00410-gc02197fc9076 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\n RIP: 0010:ida_free+0x370/0x420 lib/idr.c:525\n Code: 10 42 80 3c 28 (...)\n RSP: 0018:ffffc90015a67300 EFLAGS: 00010246\n RAX: be5130472f5dd000 RBX: 0000000000000033 RCX: 0000000000040000\n RDX: ffffc90009a7a000 RSI: 000000000003ffff RDI: 0000000000040000\n RBP: ffffc90015a673f0 R08: ffffffff81577992 R09: 1ffff92002b4cdb4\n R10: dffffc0000000000 R11: fffff52002b4cdb5 R12: 0000000000000246\n R13: dffffc0000000000 R14: ffffffff8e256b80 R15: 0000000000000246\n FS: 00007fca3f4b46c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f167a17b978 CR3: 000000001ed26000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n btrfs_get_root_ref+0xa48/0xaf0 fs/btrfs/disk-io.c:1346\n create_pending_snapshot+0xff2/0x2bc0 fs/btrfs/transaction.c:1837\n create_pending_snapshots+0x195/0x1d0 fs/btrfs/transaction.c:1931\n btrfs_commit_transaction+0xf1c/0x3740 fs/btrfs/transaction.c:2404\n create_snapshot+0x507/0x880 fs/btrfs/ioctl.c:848\n btrfs_mksubvol+0x5d0/0x750 fs/btrfs/ioctl.c:998\n btrfs_mksnapshot+0xb5/0xf0 fs/btrfs/ioctl.c:1044\n __btrfs_ioctl_snap_create+0x387/0x4b0 fs/btrfs/ioctl.c:1306\n btrfs_ioctl_snap_create_v2+0x1ca/0x400 fs/btrfs/ioctl.c:1393\n btrfs_ioctl+0xa74/0xd40\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:871 [inline]\n __se_sys_ioctl+0xfe/0x170 fs/ioctl.c:857\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n RIP: 0033:0x7fca3e67dda9\n Code: 28 00 00 00 (...)\n RSP: 002b:00007fca3f4b40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007fca3e7abf80 RCX: 00007fca3e67dda9\n RDX: 00000000200005c0 RSI: 0000000050009417 RDI: 0000000000000003\n RBP: 00007fca3e6ca47a R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 000000000000000b R14: 00007fca3e7abf80 R15: 00007fff6bf95658\n \u003c/TASK\u003e\n\nWhere we get an explicit message where we attempt to free an anonymous\ndevice number that is not currently allocated. It happens in a different\ncode path from the example below, at btrfs_get_root_ref(), so this change\nmay not fix the case triggered by sy\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26792",
"url": "https://www.suse.com/security/cve/CVE-2024-26792"
},
{
"category": "external",
"summary": "SUSE Bug 1222430 for CVE-2024-26792",
"url": "https://bugzilla.suse.com/1222430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26792"
},
{
"cve": "CVE-2024-26816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26816",
"url": "https://www.suse.com/security/cve/CVE-2024-26816"
},
{
"category": "external",
"summary": "SUSE Bug 1222624 for CVE-2024-26816",
"url": "https://bugzilla.suse.com/1222624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: use calloc instead of kzalloc to avoid integer overflow\n\nThis uses calloc instead of doing the multiplication which might\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26817",
"url": "https://www.suse.com/security/cve/CVE-2024-26817"
},
{
"category": "external",
"summary": "SUSE Bug 1222812 for CVE-2024-26817",
"url": "https://bugzilla.suse.com/1222812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26817"
},
{
"cve": "CVE-2024-26820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed\n\nIf hv_netvsc driver is unloaded and reloaded, the NET_DEVICE_REGISTER\nhandler cannot perform VF register successfully as the register call\nis received before netvsc_probe is finished. This is because we\nregister register_netdevice_notifier() very early( even before\nvmbus_driver_register()).\nTo fix this, we try to register each such matching VF( if it is visible\nas a netdevice) at the end of netvsc_probe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26820",
"url": "https://www.suse.com/security/cve/CVE-2024-26820"
},
{
"category": "external",
"summary": "SUSE Bug 1223078 for CVE-2024-26820",
"url": "https://bugzilla.suse.com/1223078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26820"
},
{
"cve": "CVE-2024-26825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: free rx_data_reassembly skb on NCI device cleanup\n\nrx_data_reassembly skb is stored during NCI data exchange for processing\nfragmented packets. It is dropped only when the last fragment is processed\nor when an NTF packet with NCI_OP_RF_DEACTIVATE_NTF opcode is received.\nHowever, the NCI device may be deallocated before that which leads to skb\nleak.\n\nAs by design the rx_data_reassembly skb is bound to the NCI device and\nnothing prevents the device to be freed before the skb is processed in\nsome way and cleaned, free it on the NCI device cleanup.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26825",
"url": "https://www.suse.com/security/cve/CVE-2024-26825"
},
{
"category": "external",
"summary": "SUSE Bug 1223065 for CVE-2024-26825",
"url": "https://bugzilla.suse.com/1223065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26825"
},
{
"cve": "CVE-2024-26830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Do not allow untrusted VF to remove administratively set MAC\n\nCurrently when PF administratively sets VF\u0027s MAC address and the VF\nis put down (VF tries to delete all MACs) then the MAC is removed\nfrom MAC filters and primary VF MAC is zeroed.\n\nDo not allow untrusted VF to remove primary MAC when it was set\nadministratively by PF.\n\nReproducer:\n1) Create VF\n2) Set VF interface up\n3) Administratively set the VF\u0027s MAC\n4) Put VF interface down\n\n[root@host ~]# echo 1 \u003e /sys/class/net/enp2s0f0/device/sriov_numvfs\n[root@host ~]# ip link set enp2s0f0v0 up\n[root@host ~]# ip link set enp2s0f0 vf 0 mac fe:6c:b5:da:c7:7d\n[root@host ~]# ip link show enp2s0f0\n23: enp2s0f0: \u003cBROADCAST,MULTICAST,UP,LOWER_UP\u003e mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000\n link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff\n vf 0 link/ether fe:6c:b5:da:c7:7d brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off\n[root@host ~]# ip link set enp2s0f0v0 down\n[root@host ~]# ip link show enp2s0f0\n23: enp2s0f0: \u003cBROADCAST,MULTICAST,UP,LOWER_UP\u003e mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000\n link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff\n vf 0 link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26830",
"url": "https://www.suse.com/security/cve/CVE-2024-26830"
},
{
"category": "external",
"summary": "SUSE Bug 1223012 for CVE-2024-26830",
"url": "https://bugzilla.suse.com/1223012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26830"
},
{
"cve": "CVE-2024-26833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix memory leak in dm_sw_fini()\n\nAfter destroying dmub_srv, the memory associated with it is\nnot freed, causing a memory leak:\n\nunreferenced object 0xffff896302b45800 (size 1024):\n comm \"(udev-worker)\", pid 222, jiffies 4294894636\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 6265fd77):\n [\u003cffffffff993495ed\u003e] kmalloc_trace+0x29d/0x340\n [\u003cffffffffc0ea4a94\u003e] dm_dmub_sw_init+0xb4/0x450 [amdgpu]\n [\u003cffffffffc0ea4e55\u003e] dm_sw_init+0x15/0x2b0 [amdgpu]\n [\u003cffffffffc0ba8557\u003e] amdgpu_device_init+0x1417/0x24e0 [amdgpu]\n [\u003cffffffffc0bab285\u003e] amdgpu_driver_load_kms+0x15/0x190 [amdgpu]\n [\u003cffffffffc0ba09c7\u003e] amdgpu_pci_probe+0x187/0x4e0 [amdgpu]\n [\u003cffffffff9968fd1e\u003e] local_pci_probe+0x3e/0x90\n [\u003cffffffff996918a3\u003e] pci_device_probe+0xc3/0x230\n [\u003cffffffff99805872\u003e] really_probe+0xe2/0x480\n [\u003cffffffff99805c98\u003e] __driver_probe_device+0x78/0x160\n [\u003cffffffff99805daf\u003e] driver_probe_device+0x1f/0x90\n [\u003cffffffff9980601e\u003e] __driver_attach+0xce/0x1c0\n [\u003cffffffff99803170\u003e] bus_for_each_dev+0x70/0xc0\n [\u003cffffffff99804822\u003e] bus_add_driver+0x112/0x210\n [\u003cffffffff99807245\u003e] driver_register+0x55/0x100\n [\u003cffffffff990012d1\u003e] do_one_initcall+0x41/0x300\n\nFix this by freeing dmub_srv after destroying it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26833",
"url": "https://www.suse.com/security/cve/CVE-2024-26833"
},
{
"category": "external",
"summary": "SUSE Bug 1223036 for CVE-2024-26833",
"url": "https://bugzilla.suse.com/1223036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26833"
},
{
"cve": "CVE-2024-26836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: think-lmi: Fix password opcode ordering for workstations\n\nThe Lenovo workstations require the password opcode to be run before\nthe attribute value is changed (if Admin password is enabled).\n\nTested on some Thinkpads to confirm they are OK with this order too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26836",
"url": "https://www.suse.com/security/cve/CVE-2024-26836"
},
{
"category": "external",
"summary": "SUSE Bug 1222968 for CVE-2024-26836",
"url": "https://bugzilla.suse.com/1222968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26836"
},
{
"cve": "CVE-2024-26840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix memory leak in cachefiles_add_cache()\n\nThe following memory leak was reported after unbinding /dev/cachefiles:\n\n==================================================================\nunreferenced object 0xffff9b674176e3c0 (size 192):\n comm \"cachefilesd2\", pid 680, jiffies 4294881224\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc ea38a44b):\n [\u003cffffffff8eb8a1a5\u003e] kmem_cache_alloc+0x2d5/0x370\n [\u003cffffffff8e917f86\u003e] prepare_creds+0x26/0x2e0\n [\u003cffffffffc002eeef\u003e] cachefiles_determine_cache_security+0x1f/0x120\n [\u003cffffffffc00243ec\u003e] cachefiles_add_cache+0x13c/0x3a0\n [\u003cffffffffc0025216\u003e] cachefiles_daemon_write+0x146/0x1c0\n [\u003cffffffff8ebc4a3b\u003e] vfs_write+0xcb/0x520\n [\u003cffffffff8ebc5069\u003e] ksys_write+0x69/0xf0\n [\u003cffffffff8f6d4662\u003e] do_syscall_64+0x72/0x140\n [\u003cffffffff8f8000aa\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n==================================================================\n\nPut the reference count of cache_cred in cachefiles_daemon_unbind() to\nfix the problem. And also put cache_cred in cachefiles_add_cache() error\nbranch to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26840",
"url": "https://www.suse.com/security/cve/CVE-2024-26840"
},
{
"category": "external",
"summary": "SUSE Bug 1222976 for CVE-2024-26840",
"url": "https://bugzilla.suse.com/1222976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "low"
}
],
"title": "CVE-2024-26840"
},
{
"cve": "CVE-2024-26843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: runtime: Fix potential overflow of soft-reserved region size\n\nmd_size will have been narrowed if we have \u003e= 4GB worth of pages in a\nsoft-reserved region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26843",
"url": "https://www.suse.com/security/cve/CVE-2024-26843"
},
{
"category": "external",
"summary": "SUSE Bug 1223014 for CVE-2024-26843",
"url": "https://bugzilla.suse.com/1223014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26843"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: avoid returning frame twice in XDP_REDIRECT\n\nWhen a frame can not be transmitted in XDP_REDIRECT\n(e.g. due to a full queue), it is necessary to free\nit by calling xdp_return_frame_rx_napi.\n\nHowever, this is the responsibility of the caller of\nthe ndo_xdp_xmit (see for example bq_xmit_all in\nkernel/bpf/devmap.c) and thus calling it inside\nigc_xdp_xmit (which is the ndo_xdp_xmit of the igc\ndriver) as well will lead to memory corruption.\n\nIn fact, bq_xmit_all expects that it can return all\nframes after the last successfully transmitted one.\nTherefore, break for the first not transmitted frame,\nbut do not call xdp_return_frame_rx_napi in igc_xdp_xmit.\nThis is equally implemented in other Intel drivers\nsuch as the igb.\n\nThere are two alternatives to this that were rejected:\n1. Return num_frames as all the frames would have been\n transmitted and release them inside igc_xdp_xmit.\n While it might work technically, it is not what\n the return value is meant to represent (i.e. the\n number of SUCCESSFULLY transmitted packets).\n2. Rework kernel/bpf/devmap.c and all drivers to\n support non-consecutively dropped packets.\n Besides being complex, it likely has a negative\n performance impact without a significant gain\n since it is anyway unlikely that the next frame\n can be transmitted if the previous one was dropped.\n\nThe memory corruption can be reproduced with\nthe following script which leads to a kernel panic\nafter a few seconds. It basically generates more\ntraffic than a i225 NIC can transmit and pushes it\nvia XDP_REDIRECT from a virtual interface to the\nphysical interface where frames get dropped.\n\n #!/bin/bash\n INTERFACE=enp4s0\n INTERFACE_IDX=`cat /sys/class/net/$INTERFACE/ifindex`\n\n sudo ip link add dev veth1 type veth peer name veth2\n sudo ip link set up $INTERFACE\n sudo ip link set up veth1\n sudo ip link set up veth2\n\n cat \u003c\u003c EOF \u003e redirect.bpf.c\n\n SEC(\"prog\")\n int redirect(struct xdp_md *ctx)\n {\n return bpf_redirect($INTERFACE_IDX, 0);\n }\n\n char _license[] SEC(\"license\") = \"GPL\";\n EOF\n clang -O2 -g -Wall -target bpf -c redirect.bpf.c -o redirect.bpf.o\n sudo ip link set veth2 xdp obj redirect.bpf.o\n\n cat \u003c\u003c EOF \u003e pass.bpf.c\n\n SEC(\"prog\")\n int pass(struct xdp_md *ctx)\n {\n return XDP_PASS;\n }\n\n char _license[] SEC(\"license\") = \"GPL\";\n EOF\n clang -O2 -g -Wall -target bpf -c pass.bpf.c -o pass.bpf.o\n sudo ip link set $INTERFACE xdp obj pass.bpf.o\n\n cat \u003c\u003c EOF \u003e trafgen.cfg\n\n {\n /* Ethernet Header */\n 0xe8, 0x6a, 0x64, 0x41, 0xbf, 0x46,\n 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,\n const16(ETH_P_IP),\n\n /* IPv4 Header */\n 0b01000101, 0, # IPv4 version, IHL, TOS\n const16(1028), # IPv4 total length (UDP length + 20 bytes (IP header))\n const16(2), # IPv4 ident\n 0b01000000, 0, # IPv4 flags, fragmentation off\n 64, # IPv4 TTL\n 17, # Protocol UDP\n csumip(14, 33), # IPv4 checksum\n\n /* UDP Header */\n 10, 0, 1, 1, # IP Src - adapt as needed\n 10, 0, 1, 2, # IP Dest - adapt as needed\n const16(6666), # UDP Src Port\n const16(6666), # UDP Dest Port\n const16(1008), # UDP length (UDP header 8 bytes + payload length)\n csumudp(14, 34), # UDP checksum\n\n /* Payload */\n fill(\u0027W\u0027, 1000),\n }\n EOF\n\n sudo trafgen -i trafgen.cfg -b3000MB -o veth1 --cpp",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26853",
"url": "https://www.suse.com/security/cve/CVE-2024-26853"
},
{
"category": "external",
"summary": "SUSE Bug 1223061 for CVE-2024-26853",
"url": "https://bugzilla.suse.com/1223061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26853"
},
{
"cve": "CVE-2024-26855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26855",
"url": "https://www.suse.com/security/cve/CVE-2024-26855"
},
{
"category": "external",
"summary": "SUSE Bug 1223051 for CVE-2024-26855",
"url": "https://bugzilla.suse.com/1223051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sparx5: Fix use after free inside sparx5_del_mact_entry\n\nBased on the static analyzis of the code it looks like when an entry\nfrom the MAC table was removed, the entry was still used after being\nfreed. More precise the vid of the mac_entry was used after calling\ndevm_kfree on the mac_entry.\nThe fix consists in first using the vid of the mac_entry to delete the\nentry from the HW and after that to free it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26856",
"url": "https://www.suse.com/security/cve/CVE-2024-26856"
},
{
"category": "external",
"summary": "SUSE Bug 1223052 for CVE-2024-26856",
"url": "https://bugzilla.suse.com/1223052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26856"
},
{
"cve": "CVE-2024-26857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: make sure to pull inner header in geneve_rx()\n\nsyzbot triggered a bug in geneve_rx() [1]\n\nIssue is similar to the one I fixed in commit 8d975c15c0cd\n(\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\n[1]\nBUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]\n BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n geneve_rx drivers/net/geneve.c:279 [inline]\n geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422\n udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n process_backlog+0x480/0x8b0 net/core/dev.c:5976\n __napi_poll+0xe3/0x980 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x8b8/0x1870 net/core/dev.c:6778\n __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553\n do_softirq+0x9a/0xf0 kernel/softirq.c:454\n __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]\n __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x352/0x790 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1296 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26857",
"url": "https://www.suse.com/security/cve/CVE-2024-26857"
},
{
"category": "external",
"summary": "SUSE Bug 1223058 for CVE-2024-26857",
"url": "https://bugzilla.suse.com/1223058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26857"
},
{
"cve": "CVE-2024-26861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: receive: annotate data-race around receiving_counter.counter\n\nSyzkaller with KCSAN identified a data-race issue when accessing\nkeypair-\u003ereceiving_counter.counter. Use READ_ONCE() and WRITE_ONCE()\nannotations to mark the data race as intentional.\n\n BUG: KCSAN: data-race in wg_packet_decrypt_worker / wg_packet_rx_poll\n\n write to 0xffff888107765888 of 8 bytes by interrupt on cpu 0:\n counter_validate drivers/net/wireguard/receive.c:321 [inline]\n wg_packet_rx_poll+0x3ac/0xf00 drivers/net/wireguard/receive.c:461\n __napi_poll+0x60/0x3b0 net/core/dev.c:6536\n napi_poll net/core/dev.c:6605 [inline]\n net_rx_action+0x32b/0x750 net/core/dev.c:6738\n __do_softirq+0xc4/0x279 kernel/softirq.c:553\n do_softirq+0x5e/0x90 kernel/softirq.c:454\n __local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381\n __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]\n _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210\n spin_unlock_bh include/linux/spinlock.h:396 [inline]\n ptr_ring_consume_bh include/linux/ptr_ring.h:367 [inline]\n wg_packet_decrypt_worker+0x6c5/0x700 drivers/net/wireguard/receive.c:499\n process_one_work kernel/workqueue.c:2633 [inline]\n ...\n\n read to 0xffff888107765888 of 8 bytes by task 3196 on cpu 1:\n decrypt_packet drivers/net/wireguard/receive.c:252 [inline]\n wg_packet_decrypt_worker+0x220/0x700 drivers/net/wireguard/receive.c:501\n process_one_work kernel/workqueue.c:2633 [inline]\n process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2706\n worker_thread+0x525/0x730 kernel/workqueue.c:2787\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26861",
"url": "https://www.suse.com/security/cve/CVE-2024-26861"
},
{
"category": "external",
"summary": "SUSE Bug 1223076 for CVE-2024-26861",
"url": "https://bugzilla.suse.com/1223076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26861"
},
{
"cve": "CVE-2024-26862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -\u003e 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26862",
"url": "https://www.suse.com/security/cve/CVE-2024-26862"
},
{
"category": "external",
"summary": "SUSE Bug 1223111 for CVE-2024-26862",
"url": "https://bugzilla.suse.com/1223111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26862"
},
{
"cve": "CVE-2024-26866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: lpspi: Avoid potential use-after-free in probe()\n\nfsl_lpspi_probe() is allocating/disposing memory manually with\nspi_alloc_host()/spi_alloc_target(), but uses\ndevm_spi_register_controller(). In case of error after the latter call the\nmemory will be explicitly freed in the probe function by\nspi_controller_put() call, but used afterwards by \"devm\" management outside\nprobe() (spi_unregister_controller() \u003c- devm_spi_unregister() below).\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\n...\nCall trace:\n kernfs_find_ns\n kernfs_find_and_get_ns\n sysfs_remove_group\n sysfs_remove_groups\n device_remove_attrs\n device_del\n spi_unregister_controller\n devm_spi_unregister\n release_nodes\n devres_release_all\n really_probe\n driver_probe_device\n __device_attach_driver\n bus_for_each_drv\n __device_attach\n device_initial_probe\n bus_probe_device\n deferred_probe_work_func\n process_one_work\n worker_thread\n kthread\n ret_from_fork",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26866",
"url": "https://www.suse.com/security/cve/CVE-2024-26866"
},
{
"category": "external",
"summary": "SUSE Bug 1223024 for CVE-2024-26866",
"url": "https://bugzilla.suse.com/1223024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26866"
},
{
"cve": "CVE-2024-26872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Do not register event handler until srpt device is fully setup\n\nUpon rare occasions, KASAN reports a use-after-free Write\nin srpt_refresh_port().\n\nThis seems to be because an event handler is registered before the\nsrpt device is fully setup and a race condition upon error may leave a\npartially setup event handler in place.\n\nInstead, only register the event handler after srpt device initialization\nis complete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26872",
"url": "https://www.suse.com/security/cve/CVE-2024-26872"
},
{
"category": "external",
"summary": "SUSE Bug 1223115 for CVE-2024-26872",
"url": "https://bugzilla.suse.com/1223115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26872"
},
{
"cve": "CVE-2024-26875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix uaf in pvr2_context_set_notify\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in pvr2_context_set_notify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35\nRead of size 4 at addr ffff888113aeb0d8 by task kworker/1:1/26\n\nCPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 6.8.0-rc1-syzkaller-00046-gf1a27f081c1f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc4/0x620 mm/kasan/report.c:488\n kasan_report+0xda/0x110 mm/kasan/report.c:601\n pvr2_context_set_notify+0x2c4/0x310 drivers/media/usb/pvrusb2/pvrusb2-context.c:35\n pvr2_context_notify drivers/media/usb/pvrusb2/pvrusb2-context.c:95 [inline]\n pvr2_context_disconnect+0x94/0xb0 drivers/media/usb/pvrusb2/pvrusb2-context.c:272\n\nFreed by task 906:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:47\nkasan_save_track+0x14/0x30 mm/kasan/common.c:68\nkasan_save_free_info+0x3f/0x60 mm/kasan/generic.c:640\npoison_slab_object mm/kasan/common.c:241 [inline]\n__kasan_slab_free+0x106/0x1b0 mm/kasan/common.c:257\nkasan_slab_free include/linux/kasan.h:184 [inline]\nslab_free_hook mm/slub.c:2121 [inline]\nslab_free mm/slub.c:4299 [inline]\nkfree+0x105/0x340 mm/slub.c:4409\npvr2_context_check drivers/media/usb/pvrusb2/pvrusb2-context.c:137 [inline]\npvr2_context_thread_func+0x69d/0x960 drivers/media/usb/pvrusb2/pvrusb2-context.c:158\n\n[Analyze]\nTask A set disconnect_flag = !0, which resulted in Task B\u0027s condition being met\nand releasing mp, leading to this issue.\n\n[Fix]\nPlace the disconnect_flag assignment operation after all code in pvr2_context_disconnect()\nto avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26875",
"url": "https://www.suse.com/security/cve/CVE-2024-26875"
},
{
"category": "external",
"summary": "SUSE Bug 1223118 for CVE-2024-26875",
"url": "https://bugzilla.suse.com/1223118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26875"
},
{
"cve": "CVE-2024-26876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: adv7511: fix crash on irq during probe\n\nMoved IRQ registration down to end of adv7511_probe().\n\nIf an IRQ already is pending during adv7511_probe\n(before adv7511_cec_init) then cec_received_msg_ts\ncould crash using uninitialized data:\n\n Unable to handle kernel read from unreadable memory at virtual address 00000000000003d5\n Internal error: Oops: 96000004 [#1] PREEMPT_RT SMP\n Call trace:\n cec_received_msg_ts+0x48/0x990 [cec]\n adv7511_cec_irq_process+0x1cc/0x308 [adv7511]\n adv7511_irq_process+0xd8/0x120 [adv7511]\n adv7511_irq_handler+0x1c/0x30 [adv7511]\n irq_thread_fn+0x30/0xa0\n irq_thread+0x14c/0x238\n kthread+0x190/0x1a8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26876",
"url": "https://www.suse.com/security/cve/CVE-2024-26876"
},
{
"category": "external",
"summary": "SUSE Bug 1223119 for CVE-2024-26876",
"url": "https://bugzilla.suse.com/1223119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26876"
},
{
"cve": "CVE-2024-26877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xilinx - call finalize with bh disabled\n\nWhen calling crypto_finalize_request, BH should be disabled to avoid\ntriggering the following calltrace:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118\n Modules linked in: cryptodev(O)\n CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323\n Hardware name: ZynqMP ZCU102 Rev1.0 (DT)\n pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : crypto_finalize_request+0xa0/0x118\n lr : crypto_finalize_request+0x104/0x118\n sp : ffffffc085353ce0\n x29: ffffffc085353ce0 x28: 0000000000000000 x27: ffffff8808ea8688\n x26: ffffffc081715038 x25: 0000000000000000 x24: ffffff880100db00\n x23: ffffff880100da80 x22: 0000000000000000 x21: 0000000000000000\n x20: ffffff8805b14000 x19: ffffff880100da80 x18: 0000000000010450\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000003 x13: 0000000000000000 x12: ffffff880100dad0\n x11: 0000000000000000 x10: ffffffc0832dcd08 x9 : ffffffc0812416d8\n x8 : 00000000000001f4 x7 : ffffffc0830d2830 x6 : 0000000000000001\n x5 : ffffffc082091000 x4 : ffffffc082091658 x3 : 0000000000000000\n x2 : ffffffc7f9653000 x1 : 0000000000000000 x0 : ffffff8802d20000\n Call trace:\n crypto_finalize_request+0xa0/0x118\n crypto_finalize_aead_request+0x18/0x30\n zynqmp_handle_aes_req+0xcc/0x388\n crypto_pump_work+0x168/0x2d8\n kthread_worker_fn+0xfc/0x3a0\n kthread+0x118/0x138\n ret_from_fork+0x10/0x20\n irq event stamp: 40\n hardirqs last enabled at (39): [\u003cffffffc0812416f8\u003e] _raw_spin_unlock_irqrestore+0x70/0xb0\n hardirqs last disabled at (40): [\u003cffffffc08122d208\u003e] el1_dbg+0x28/0x90\n softirqs last enabled at (36): [\u003cffffffc080017dec\u003e] kernel_neon_begin+0x8c/0xf0\n softirqs last disabled at (34): [\u003cffffffc080017dc0\u003e] kernel_neon_begin+0x60/0xf0\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26877",
"url": "https://www.suse.com/security/cve/CVE-2024-26877"
},
{
"category": "external",
"summary": "SUSE Bug 1223140 for CVE-2024-26877",
"url": "https://bugzilla.suse.com/1223140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26877"
},
{
"cve": "CVE-2024-26878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26878",
"url": "https://www.suse.com/security/cve/CVE-2024-26878"
},
{
"category": "external",
"summary": "SUSE Bug 1223060 for CVE-2024-26878",
"url": "https://bugzilla.suse.com/1223060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: meson: Add missing clocks to axg_clk_regmaps\n\nSome clocks were missing from axg_clk_regmaps, which caused kernel panic\nduring cat /sys/kernel/debug/clk/clk_summary\n\n[ 57.349402] Unable to handle kernel NULL pointer dereference at virtual address 00000000000001fc\n...\n[ 57.430002] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 57.436900] pc : regmap_read+0x1c/0x88\n[ 57.440608] lr : clk_regmap_gate_is_enabled+0x3c/0xb0\n[ 57.445611] sp : ffff800082f1b690\n[ 57.448888] x29: ffff800082f1b690 x28: 0000000000000000 x27: ffff800080eb9a70\n[ 57.455961] x26: 0000000000000007 x25: 0000000000000016 x24: 0000000000000000\n[ 57.463033] x23: ffff800080e8b488 x22: 0000000000000015 x21: ffff00000e7e7000\n[ 57.470106] x20: ffff00000400ec00 x19: 0000000000000000 x18: ffffffffffffffff\n[ 57.477178] x17: 0000000000000000 x16: 0000000000000000 x15: ffff0000042a3000\n[ 57.484251] x14: 0000000000000000 x13: ffff0000042a2fec x12: 0000000005f5e100\n[ 57.491323] x11: abcc77118461cefd x10: 0000000000000020 x9 : ffff8000805e4b24\n[ 57.498396] x8 : ffff0000028063c0 x7 : ffff800082f1b710 x6 : ffff800082f1b710\n[ 57.505468] x5 : 00000000ffffffd0 x4 : ffff800082f1b6e0 x3 : 0000000000001000\n[ 57.512541] x2 : ffff800082f1b6e4 x1 : 000000000000012c x0 : 0000000000000000\n[ 57.519615] Call trace:\n[ 57.522030] regmap_read+0x1c/0x88\n[ 57.525393] clk_regmap_gate_is_enabled+0x3c/0xb0\n[ 57.530050] clk_core_is_enabled+0x44/0x120\n[ 57.534190] clk_summary_show_subtree+0x154/0x2f0\n[ 57.538847] clk_summary_show_subtree+0x220/0x2f0\n[ 57.543505] clk_summary_show_subtree+0x220/0x2f0\n[ 57.548162] clk_summary_show_subtree+0x220/0x2f0\n[ 57.552820] clk_summary_show_subtree+0x220/0x2f0\n[ 57.557477] clk_summary_show_subtree+0x220/0x2f0\n[ 57.562135] clk_summary_show_subtree+0x220/0x2f0\n[ 57.566792] clk_summary_show_subtree+0x220/0x2f0\n[ 57.571450] clk_summary_show+0x84/0xb8\n[ 57.575245] seq_read_iter+0x1bc/0x4b8\n[ 57.578954] seq_read+0x8c/0xd0\n[ 57.582059] full_proxy_read+0x68/0xc8\n[ 57.585767] vfs_read+0xb0/0x268\n[ 57.588959] ksys_read+0x70/0x108\n[ 57.592236] __arm64_sys_read+0x24/0x38\n[ 57.596031] invoke_syscall+0x50/0x128\n[ 57.599740] el0_svc_common.constprop.0+0x48/0xf8\n[ 57.604397] do_el0_svc+0x28/0x40\n[ 57.607675] el0_svc+0x34/0xb8\n[ 57.610694] el0t_64_sync_handler+0x13c/0x158\n[ 57.615006] el0t_64_sync+0x190/0x198\n[ 57.618635] Code: a9bd7bfd 910003fd a90153f3 aa0003f3 (b941fc00)\n[ 57.624668] ---[ end trace 0000000000000000 ]---\n\n[jbrunet: add missing Fixes tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26879",
"url": "https://www.suse.com/security/cve/CVE-2024-26879"
},
{
"category": "external",
"summary": "SUSE Bug 1223066 for CVE-2024-26879",
"url": "https://bugzilla.suse.com/1223066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26879"
},
{
"cve": "CVE-2024-26881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when 1588 is received on HIP08 devices\n\nThe HIP08 devices does not register the ptp devices, so the\nhdev-\u003eptp is NULL, but the hardware can receive 1588 messages,\nand set the HNS3_RXD_TS_VLD_B bit, so, if match this case, the\naccess of hdev-\u003eptp-\u003eflags will cause a kernel crash:\n\n[ 5888.946472] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n[ 5888.946475] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n...\n[ 5889.266118] pc : hclge_ptp_get_rx_hwts+0x40/0x170 [hclge]\n[ 5889.272612] lr : hclge_ptp_get_rx_hwts+0x34/0x170 [hclge]\n[ 5889.279101] sp : ffff800012c3bc50\n[ 5889.283516] x29: ffff800012c3bc50 x28: ffff2040002be040\n[ 5889.289927] x27: ffff800009116484 x26: 0000000080007500\n[ 5889.296333] x25: 0000000000000000 x24: ffff204001c6f000\n[ 5889.302738] x23: ffff204144f53c00 x22: 0000000000000000\n[ 5889.309134] x21: 0000000000000000 x20: ffff204004220080\n[ 5889.315520] x19: ffff204144f53c00 x18: 0000000000000000\n[ 5889.321897] x17: 0000000000000000 x16: 0000000000000000\n[ 5889.328263] x15: 0000004000140ec8 x14: 0000000000000000\n[ 5889.334617] x13: 0000000000000000 x12: 00000000010011df\n[ 5889.340965] x11: bbfeff4d22000000 x10: 0000000000000000\n[ 5889.347303] x9 : ffff800009402124 x8 : 0200f78811dfbb4d\n[ 5889.353637] x7 : 2200000000191b01 x6 : ffff208002a7d480\n[ 5889.359959] x5 : 0000000000000000 x4 : 0000000000000000\n[ 5889.366271] x3 : 0000000000000000 x2 : 0000000000000000\n[ 5889.372567] x1 : 0000000000000000 x0 : ffff20400095c080\n[ 5889.378857] Call trace:\n[ 5889.382285] hclge_ptp_get_rx_hwts+0x40/0x170 [hclge]\n[ 5889.388304] hns3_handle_bdinfo+0x324/0x410 [hns3]\n[ 5889.394055] hns3_handle_rx_bd+0x60/0x150 [hns3]\n[ 5889.399624] hns3_clean_rx_ring+0x84/0x170 [hns3]\n[ 5889.405270] hns3_nic_common_poll+0xa8/0x220 [hns3]\n[ 5889.411084] napi_poll+0xcc/0x264\n[ 5889.415329] net_rx_action+0xd4/0x21c\n[ 5889.419911] __do_softirq+0x130/0x358\n[ 5889.424484] irq_exit+0x134/0x154\n[ 5889.428700] __handle_domain_irq+0x88/0xf0\n[ 5889.433684] gic_handle_irq+0x78/0x2c0\n[ 5889.438319] el1_irq+0xb8/0x140\n[ 5889.442354] arch_cpu_idle+0x18/0x40\n[ 5889.446816] default_idle_call+0x5c/0x1c0\n[ 5889.451714] cpuidle_idle_call+0x174/0x1b0\n[ 5889.456692] do_idle+0xc8/0x160\n[ 5889.460717] cpu_startup_entry+0x30/0xfc\n[ 5889.465523] secondary_start_kernel+0x158/0x1ec\n[ 5889.470936] Code: 97ffab78 f9411c14 91408294 f9457284 (f9400c80)\n[ 5889.477950] SMP: stopping secondary CPUs\n[ 5890.514626] SMP: failed to stop secondary CPUs 0-69,71-95\n[ 5890.522951] Starting crashdump kernel...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26881",
"url": "https://www.suse.com/security/cve/CVE-2024-26881"
},
{
"category": "external",
"summary": "SUSE Bug 1223041 for CVE-2024-26881",
"url": "https://bugzilla.suse.com/1223041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26881"
},
{
"cve": "CVE-2024-26882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()\n\nApply the same fix than ones found in :\n\n8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\nsyzbot reported:\nBUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __ipgre_rcv+0x9bc/0xbc0 net/ipv4/ip_gre.c:389\n ipgre_rcv net/ipv4/ip_gre.c:411 [inline]\n gre_rcv+0x423/0x19f0 net/ipv4/ip_gre.c:447\n gre_rcv+0x2a4/0x390 net/ipv4/gre_demux.c:163\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n netif_receive_skb_internal net/core/dev.c:5734 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5793\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1556\n tun_get_user+0x53b9/0x66e0 drivers/net/tun.c:2009\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590\n alloc_pages_mpol+0x62b/0x9d0 mm/mempolicy.c:2133\n alloc_pages+0x1be/0x1e0 mm/mempolicy.c:2204\n skb_page_frag_refill+0x2bf/0x7c0 net/core/sock.c:2909\n tun_build_skb drivers/net/tun.c:1686 [inline]\n tun_get_user+0xe0a/0x66e0 drivers/net/tun.c:1826\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26882",
"url": "https://www.suse.com/security/cve/CVE-2024-26882"
},
{
"category": "external",
"summary": "SUSE Bug 1223034 for CVE-2024-26882",
"url": "https://bugzilla.suse.com/1223034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26882"
},
{
"cve": "CVE-2024-26883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check on 32-bit arches\n\nThe stackmap code relies on roundup_pow_of_two() to compute the number\nof hash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code.\n\nThe commit in the fixes tag actually attempted to fix this, but the fix\ndid not account for the UB, so the fix only works on CPUs where an\noverflow does result in a neat truncation to zero, which is not\nguaranteed. Checking the value before rounding does not have this\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26883",
"url": "https://www.suse.com/security/cve/CVE-2024-26883"
},
{
"category": "external",
"summary": "SUSE Bug 1223035 for CVE-2024-26883",
"url": "https://bugzilla.suse.com/1223035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix hashtab overflow check on 32-bit arches\n\nThe hashtab code relies on roundup_pow_of_two() to compute the number of\nhash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code. So apply the same\nfix to hashtab, by moving the overflow check to before the roundup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26884",
"url": "https://www.suse.com/security/cve/CVE-2024-26884"
},
{
"category": "external",
"summary": "SUSE Bug 1223189 for CVE-2024-26884",
"url": "https://bugzilla.suse.com/1223189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix DEVMAP_HASH overflow check on 32-bit arches\n\nThe devmap code allocates a number hash buckets equal to the next power\nof two of the max_entries value provided when creating the map. When\nrounding up to the next power of two, the 32-bit variable storing the\nnumber of buckets can overflow, and the code checks for overflow by\nchecking if the truncated 32-bit value is equal to 0. However, on 32-bit\narches the rounding up itself can overflow mid-way through, because it\nends up doing a left-shift of 32 bits on an unsigned long value. If the\nsize of an unsigned long is four bytes, this is undefined behaviour, so\nthere is no guarantee that we\u0027ll end up with a nice and tidy 0-value at\nthe end.\n\nSyzbot managed to turn this into a crash on arm32 by creating a\nDEVMAP_HASH with max_entries \u003e 0x80000000 and then trying to update it.\nFix this by moving the overflow check to before the rounding up\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26885",
"url": "https://www.suse.com/security/cve/CVE-2024-26885"
},
{
"category": "external",
"summary": "SUSE Bug 1223190 for CVE-2024-26885",
"url": "https://bugzilla.suse.com/1223190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26885"
},
{
"cve": "CVE-2024-26891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Don\u0027t issue ATS Invalidation request when device is disconnected\n\nFor those endpoint devices connect to system via hotplug capable ports,\nusers could request a hot reset to the device by flapping device\u0027s link\nthrough setting the slot\u0027s link control register, as pciehp_ist() DLLSC\ninterrupt sequence response, pciehp will unload the device driver and\nthen power it off. thus cause an IOMMU device-TLB invalidation (Intel\nVT-d spec, or ATS Invalidation in PCIe spec r6.1) request for non-existence\ntarget device to be sent and deadly loop to retry that request after ITE\nfault triggered in interrupt context.\n\nThat would cause following continuous hard lockup warning and system hang\n\n[ 4211.433662] pcieport 0000:17:01.0: pciehp: Slot(108): Link Down\n[ 4211.433664] pcieport 0000:17:01.0: pciehp: Slot(108): Card not present\n[ 4223.822591] NMI watchdog: Watchdog detected hard LOCKUP on cpu 144\n[ 4223.822622] CPU: 144 PID: 1422 Comm: irq/57-pciehp Kdump: loaded Tainted: G S\n OE kernel version xxxx\n[ 4223.822623] Hardware name: vendorname xxxx 666-106,\nBIOS 01.01.02.03.01 05/15/2023\n[ 4223.822623] RIP: 0010:qi_submit_sync+0x2c0/0x490\n[ 4223.822624] Code: 48 be 00 00 00 00 00 08 00 00 49 85 74 24 20 0f 95 c1 48 8b\n 57 10 83 c1 04 83 3c 1a 03 0f 84 a2 01 00 00 49 8b 04 24 8b 70 34 \u003c40\u003e f6 c6 1\n0 74 17 49 8b 04 24 8b 80 80 00 00 00 89 c2 d3 fa 41 39\n[ 4223.822624] RSP: 0018:ffffc4f074f0bbb8 EFLAGS: 00000093\n[ 4223.822625] RAX: ffffc4f040059000 RBX: 0000000000000014 RCX: 0000000000000005\n[ 4223.822625] RDX: ffff9f3841315800 RSI: 0000000000000000 RDI: ffff9f38401a8340\n[ 4223.822625] RBP: ffff9f38401a8340 R08: ffffc4f074f0bc00 R09: 0000000000000000\n[ 4223.822626] R10: 0000000000000010 R11: 0000000000000018 R12: ffff9f384005e200\n[ 4223.822626] R13: 0000000000000004 R14: 0000000000000046 R15: 0000000000000004\n[ 4223.822626] FS: 0000000000000000(0000) GS:ffffa237ae400000(0000)\nknlGS:0000000000000000\n[ 4223.822627] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4223.822627] CR2: 00007ffe86515d80 CR3: 000002fd3000a001 CR4: 0000000000770ee0\n[ 4223.822627] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4223.822628] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 4223.822628] PKRU: 55555554\n[ 4223.822628] Call Trace:\n[ 4223.822628] qi_flush_dev_iotlb+0xb1/0xd0\n[ 4223.822628] __dmar_remove_one_dev_info+0x224/0x250\n[ 4223.822629] dmar_remove_one_dev_info+0x3e/0x50\n[ 4223.822629] intel_iommu_release_device+0x1f/0x30\n[ 4223.822629] iommu_release_device+0x33/0x60\n[ 4223.822629] iommu_bus_notifier+0x7f/0x90\n[ 4223.822630] blocking_notifier_call_chain+0x60/0x90\n[ 4223.822630] device_del+0x2e5/0x420\n[ 4223.822630] pci_remove_bus_device+0x70/0x110\n[ 4223.822630] pciehp_unconfigure_device+0x7c/0x130\n[ 4223.822631] pciehp_disable_slot+0x6b/0x100\n[ 4223.822631] pciehp_handle_presence_or_link_change+0xd8/0x320\n[ 4223.822631] pciehp_ist+0x176/0x180\n[ 4223.822631] ? irq_finalize_oneshot.part.50+0x110/0x110\n[ 4223.822632] irq_thread_fn+0x19/0x50\n[ 4223.822632] irq_thread+0x104/0x190\n[ 4223.822632] ? irq_forced_thread_fn+0x90/0x90\n[ 4223.822632] ? irq_thread_check_affinity+0xe0/0xe0\n[ 4223.822633] kthread+0x114/0x130\n[ 4223.822633] ? __kthread_cancel_work+0x40/0x40\n[ 4223.822633] ret_from_fork+0x1f/0x30\n[ 4223.822633] Kernel panic - not syncing: Hard LOCKUP\n[ 4223.822634] CPU: 144 PID: 1422 Comm: irq/57-pciehp Kdump: loaded Tainted: G S\n OE kernel version xxxx\n[ 4223.822634] Hardware name: vendorname xxxx 666-106,\nBIOS 01.01.02.03.01 05/15/2023\n[ 4223.822634] Call Trace:\n[ 4223.822634] \u003cNMI\u003e\n[ 4223.822635] dump_stack+0x6d/0x88\n[ 4223.822635] panic+0x101/0x2d0\n[ 4223.822635] ? ret_from_fork+0x11/0x30\n[ 4223.822635] nmi_panic.cold.14+0xc/0xc\n[ 4223.822636] watchdog_overflow_callback.cold.8+0x6d/0x81\n[ 4223.822636] __perf_event_overflow+0x4f/0xf0\n[ 4223.822636] handle_pmi_common\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26891",
"url": "https://www.suse.com/security/cve/CVE-2024-26891"
},
{
"category": "external",
"summary": "SUSE Bug 1223037 for CVE-2024-26891",
"url": "https://bugzilla.suse.com/1223037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26891"
},
{
"cve": "CVE-2024-26893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix double free in SMC transport cleanup path\n\nWhen the generic SCMI code tears down a channel, it calls the chan_free\ncallback function, defined by each transport. Since multiple protocols\nmight share the same transport_info member, chan_free() might want to\nclean up the same member multiple times within the given SCMI transport\nimplementation. In this case, it is SMC transport. This will lead to a NULL\npointer dereference at the second time:\n\n | scmi_protocol scmi_dev.1: Enabled polling mode TX channel - prot_id:16\n | arm-scmi firmware:scmi: SCMI Notifications - Core Enabled.\n | arm-scmi firmware:scmi: unable to communicate with SCMI\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n | Mem abort info:\n | ESR = 0x0000000096000004\n | EC = 0x25: DABT (current EL), IL = 32 bits\n | SET = 0, FnV = 0\n | EA = 0, S1PTW = 0\n | FSC = 0x04: level 0 translation fault\n | Data abort info:\n | ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n | CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n | GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n | user pgtable: 4k pages, 48-bit VAs, pgdp=0000000881ef8000\n | [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n | Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n | Modules linked in:\n | CPU: 4 PID: 1 Comm: swapper/0 Not tainted 6.7.0-rc2-00124-g455ef3d016c9-dirty #793\n | Hardware name: FVP Base RevC (DT)\n | pstate: 61400009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n | pc : smc_chan_free+0x3c/0x6c\n | lr : smc_chan_free+0x3c/0x6c\n | Call trace:\n | smc_chan_free+0x3c/0x6c\n | idr_for_each+0x68/0xf8\n | scmi_cleanup_channels.isra.0+0x2c/0x58\n | scmi_probe+0x434/0x734\n | platform_probe+0x68/0xd8\n | really_probe+0x110/0x27c\n | __driver_probe_device+0x78/0x12c\n | driver_probe_device+0x3c/0x118\n | __driver_attach+0x74/0x128\n | bus_for_each_dev+0x78/0xe0\n | driver_attach+0x24/0x30\n | bus_add_driver+0xe4/0x1e8\n | driver_register+0x60/0x128\n | __platform_driver_register+0x28/0x34\n | scmi_driver_init+0x84/0xc0\n | do_one_initcall+0x78/0x33c\n | kernel_init_freeable+0x2b8/0x51c\n | kernel_init+0x24/0x130\n | ret_from_fork+0x10/0x20\n | Code: f0004701 910a0021 aa1403e5 97b91c70 (b9400280)\n | ---[ end trace 0000000000000000 ]---\n\nSimply check for the struct pointer being NULL before trying to access\nits members, to avoid this situation.\n\nThis was found when a transport doesn\u0027t really work (for instance no SMC\nservice), the probe routines then tries to clean up, and triggers a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26893",
"url": "https://www.suse.com/security/cve/CVE-2024-26893"
},
{
"category": "external",
"summary": "SUSE Bug 1223196 for CVE-2024-26893",
"url": "https://bugzilla.suse.com/1223196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26893"
},
{
"cve": "CVE-2024-26895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces\n\nwilc_netdev_cleanup currently triggers a KASAN warning, which can be\nobserved on interface registration error path, or simply by\nremoving the module/unbinding device from driver:\n\necho spi0.1 \u003e /sys/bus/spi/drivers/wilc1000_spi/unbind\n\n==================================================================\nBUG: KASAN: slab-use-after-free in wilc_netdev_cleanup+0x508/0x5cc\nRead of size 4 at addr c54d1ce8 by task sh/86\n\nCPU: 0 PID: 86 Comm: sh Not tainted 6.8.0-rc1+ #117\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x58\n dump_stack_lvl from print_report+0x154/0x500\n print_report from kasan_report+0xac/0xd8\n kasan_report from wilc_netdev_cleanup+0x508/0x5cc\n wilc_netdev_cleanup from wilc_bus_remove+0xc8/0xec\n wilc_bus_remove from spi_remove+0x8c/0xac\n spi_remove from device_release_driver_internal+0x434/0x5f8\n device_release_driver_internal from unbind_store+0xbc/0x108\n unbind_store from kernfs_fop_write_iter+0x398/0x584\n kernfs_fop_write_iter from vfs_write+0x728/0xf88\n vfs_write from ksys_write+0x110/0x1e4\n ksys_write from ret_fast_syscall+0x0/0x1c\n\n[...]\n\nAllocated by task 1:\n kasan_save_track+0x30/0x5c\n __kasan_kmalloc+0x8c/0x94\n __kmalloc_node+0x1cc/0x3e4\n kvmalloc_node+0x48/0x180\n alloc_netdev_mqs+0x68/0x11dc\n alloc_etherdev_mqs+0x28/0x34\n wilc_netdev_ifc_init+0x34/0x8ec\n wilc_cfg80211_init+0x690/0x910\n wilc_bus_probe+0xe0/0x4a0\n spi_probe+0x158/0x1b0\n really_probe+0x270/0xdf4\n __driver_probe_device+0x1dc/0x580\n driver_probe_device+0x60/0x140\n __driver_attach+0x228/0x5d4\n bus_for_each_dev+0x13c/0x1a8\n bus_add_driver+0x2a0/0x608\n driver_register+0x24c/0x578\n do_one_initcall+0x180/0x310\n kernel_init_freeable+0x424/0x484\n kernel_init+0x20/0x148\n ret_from_fork+0x14/0x28\n\nFreed by task 86:\n kasan_save_track+0x30/0x5c\n kasan_save_free_info+0x38/0x58\n __kasan_slab_free+0xe4/0x140\n kfree+0xb0/0x238\n device_release+0xc0/0x2a8\n kobject_put+0x1d4/0x46c\n netdev_run_todo+0x8fc/0x11d0\n wilc_netdev_cleanup+0x1e4/0x5cc\n wilc_bus_remove+0xc8/0xec\n spi_remove+0x8c/0xac\n device_release_driver_internal+0x434/0x5f8\n unbind_store+0xbc/0x108\n kernfs_fop_write_iter+0x398/0x584\n vfs_write+0x728/0xf88\n ksys_write+0x110/0x1e4\n ret_fast_syscall+0x0/0x1c\n [...]\n\nDavid Mosberger-Tan initial investigation [1] showed that this\nuse-after-free is due to netdevice unregistration during vif list\ntraversal. When unregistering a net device, since the needs_free_netdev has\nbeen set to true during registration, the netdevice object is also freed,\nand as a consequence, the corresponding vif object too, since it is\nattached to it as private netdevice data. The next occurrence of the loop\nthen tries to access freed vif pointer to the list to move forward in the\nlist.\n\nFix this use-after-free thanks to two mechanisms:\n- navigate in the list with list_for_each_entry_safe, which allows to\n safely modify the list as we go through each element. For each element,\n remove it from the list with list_del_rcu\n- make sure to wait for RCU grace period end after each vif removal to make\n sure it is safe to free the corresponding vif too (through\n unregister_netdev)\n\nSince we are in a RCU \"modifier\" path (not a \"reader\" path), and because\nsuch path is expected not to be concurrent to any other modifier (we are\nusing the vif_mutex lock), we do not need to use RCU list API, that\u0027s why\nwe can benefit from list_for_each_entry_safe.\n\n[1] https://lore.kernel.org/linux-wireless/ab077dbe58b1ea5de0a3b2ca21f275a07af967d2.camel@egauge.net/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26895",
"url": "https://www.suse.com/security/cve/CVE-2024-26895"
},
{
"category": "external",
"summary": "SUSE Bug 1223197 for CVE-2024-26895",
"url": "https://bugzilla.suse.com/1223197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26895"
},
{
"cve": "CVE-2024-26896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wfx: fix memory leak when starting AP\n\nKmemleak reported this error:\n\n unreferenced object 0xd73d1180 (size 184):\n comm \"wpa_supplicant\", pid 1559, jiffies 13006305 (age 964.245s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 1e 00 01 00 00 00 00 00 ................\n backtrace:\n [\u003c5ca11420\u003e] kmem_cache_alloc+0x20c/0x5ac\n [\u003c127bdd74\u003e] __alloc_skb+0x144/0x170\n [\u003cfb8a5e38\u003e] __netdev_alloc_skb+0x50/0x180\n [\u003c0f9fa1d5\u003e] __ieee80211_beacon_get+0x290/0x4d4 [mac80211]\n [\u003c7accd02d\u003e] ieee80211_beacon_get_tim+0x54/0x18c [mac80211]\n [\u003c41e25cc3\u003e] wfx_start_ap+0xc8/0x234 [wfx]\n [\u003c93a70356\u003e] ieee80211_start_ap+0x404/0x6b4 [mac80211]\n [\u003ca4a661cd\u003e] nl80211_start_ap+0x76c/0x9e0 [cfg80211]\n [\u003c47bd8b68\u003e] genl_rcv_msg+0x198/0x378\n [\u003c453ef796\u003e] netlink_rcv_skb+0xd0/0x130\n [\u003c6b7c977a\u003e] genl_rcv+0x34/0x44\n [\u003c66b2d04d\u003e] netlink_unicast+0x1b4/0x258\n [\u003cf965b9b6\u003e] netlink_sendmsg+0x1e8/0x428\n [\u003caadb8231\u003e] ____sys_sendmsg+0x1e0/0x274\n [\u003cd2b5212d\u003e] ___sys_sendmsg+0x80/0xb4\n [\u003c69954f45\u003e] __sys_sendmsg+0x64/0xa8\n unreferenced object 0xce087000 (size 1024):\n comm \"wpa_supplicant\", pid 1559, jiffies 13006305 (age 964.246s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 10 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............\n backtrace:\n [\u003c9a993714\u003e] __kmalloc_track_caller+0x230/0x600\n [\u003cf83ea192\u003e] kmalloc_reserve.constprop.0+0x30/0x74\n [\u003ca2c61343\u003e] __alloc_skb+0xa0/0x170\n [\u003cfb8a5e38\u003e] __netdev_alloc_skb+0x50/0x180\n [\u003c0f9fa1d5\u003e] __ieee80211_beacon_get+0x290/0x4d4 [mac80211]\n [\u003c7accd02d\u003e] ieee80211_beacon_get_tim+0x54/0x18c [mac80211]\n [\u003c41e25cc3\u003e] wfx_start_ap+0xc8/0x234 [wfx]\n [\u003c93a70356\u003e] ieee80211_start_ap+0x404/0x6b4 [mac80211]\n [\u003ca4a661cd\u003e] nl80211_start_ap+0x76c/0x9e0 [cfg80211]\n [\u003c47bd8b68\u003e] genl_rcv_msg+0x198/0x378\n [\u003c453ef796\u003e] netlink_rcv_skb+0xd0/0x130\n [\u003c6b7c977a\u003e] genl_rcv+0x34/0x44\n [\u003c66b2d04d\u003e] netlink_unicast+0x1b4/0x258\n [\u003cf965b9b6\u003e] netlink_sendmsg+0x1e8/0x428\n [\u003caadb8231\u003e] ____sys_sendmsg+0x1e0/0x274\n [\u003cd2b5212d\u003e] ___sys_sendmsg+0x80/0xb4\n\nHowever, since the kernel is build optimized, it seems the stack is not\naccurate. It appears the issue is related to wfx_set_mfp_ap(). The issue\nis obvious in this function: memory allocated by ieee80211_beacon_get()\nis never released. Fixing this leak makes kmemleak happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26896",
"url": "https://www.suse.com/security/cve/CVE-2024-26896"
},
{
"category": "external",
"summary": "SUSE Bug 1223042 for CVE-2024-26896",
"url": "https://bugzilla.suse.com/1223042"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26896"
},
{
"cve": "CVE-2024-26897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete\n\nThe ath9k_wmi_event_tasklet() used in ath9k_htc assumes that all the data\nstructures have been fully initialised by the time it runs. However, because of\nthe order in which things are initialised, this is not guaranteed to be the\ncase, because the device is exposed to the USB subsystem before the ath9k driver\ninitialisation is completed.\n\nWe already committed a partial fix for this in commit:\n8b3046abc99e (\"ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()\")\n\nHowever, that commit only aborted the WMI_TXSTATUS_EVENTID command in the event\ntasklet, pairing it with an \"initialisation complete\" bit in the TX struct. It\nseems syzbot managed to trigger the race for one of the other commands as well,\nso let\u0027s just move the existing synchronisation bit to cover the whole\ntasklet (setting it at the end of ath9k_htc_probe_device() instead of inside\nath9k_tx_init()).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26897",
"url": "https://www.suse.com/security/cve/CVE-2024-26897"
},
{
"category": "external",
"summary": "SUSE Bug 1223323 for CVE-2024-26897",
"url": "https://bugzilla.suse.com/1223323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26897"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26901",
"url": "https://www.suse.com/security/cve/CVE-2024-26901"
},
{
"category": "external",
"summary": "SUSE Bug 1223198 for CVE-2024-26901",
"url": "https://bugzilla.suse.com/1223198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security\n\nDuring our fuzz testing of the connection and disconnection process at the\nRFCOMM layer, we discovered this bug. By comparing the packets from a\nnormal connection and disconnection process with the testcase that\ntriggered a KASAN report. We analyzed the cause of this bug as follows:\n\n1. In the packets captured during a normal connection, the host sends a\n`Read Encryption Key Size` type of `HCI_CMD` packet\n(Command Opcode: 0x1408) to the controller to inquire the length of\nencryption key.After receiving this packet, the controller immediately\nreplies with a Command Completepacket (Event Code: 0x0e) to return the\nEncryption Key Size.\n\n2. In our fuzz test case, the timing of the controller\u0027s response to this\npacket was delayed to an unexpected point: after the RFCOMM and L2CAP\nlayers had disconnected but before the HCI layer had disconnected.\n\n3. After receiving the Encryption Key Size Response at the time described\nin point 2, the host still called the rfcomm_check_security function.\nHowever, by this time `struct l2cap_conn *conn = l2cap_pi(sk)-\u003echan-\u003econn;`\nhad already been released, and when the function executed\n`return hci_conn_security(conn-\u003ehcon, d-\u003esec_level, auth_type, d-\u003eout);`,\nspecifically when accessing `conn-\u003ehcon`, a null-ptr-deref error occurred.\n\nTo fix this bug, check if `sk-\u003esk_state` is BT_CLOSED before calling\nrfcomm_recv_frame in rfcomm_process_rx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26903",
"url": "https://www.suse.com/security/cve/CVE-2024-26903"
},
{
"category": "external",
"summary": "SUSE Bug 1223187 for CVE-2024-26903",
"url": "https://bugzilla.suse.com/1223187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Reset IH OVERFLOW_CLEAR bit\n\nAllows us to detect subsequent IH ring buffer overflows as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26915",
"url": "https://www.suse.com/security/cve/CVE-2024-26915"
},
{
"category": "external",
"summary": "SUSE Bug 1223207 for CVE-2024-26915",
"url": "https://bugzilla.suse.com/1223207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26915"
},
{
"cve": "CVE-2024-26917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: Revert \"scsi: fcoe: Fix potential deadlock on \u0026fip-\u003ectlr_lock\"\n\nThis reverts commit 1a1975551943f681772720f639ff42fbaa746212.\n\nThis commit causes interrupts to be lost for FCoE devices, since it changed\nsping locks from \"bh\" to \"irqsave\".\n\nInstead, a work queue should be used, and will be addressed in a separate\ncommit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26917",
"url": "https://www.suse.com/security/cve/CVE-2024-26917"
},
{
"category": "external",
"summary": "SUSE Bug 1223056 for CVE-2024-26917",
"url": "https://bugzilla.suse.com/1223056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26917"
},
{
"cve": "CVE-2024-26927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Add some bounds checking to firmware data\n\nSmatch complains about \"head-\u003efull_size - head-\u003eheader_size\" can\nunderflow. To some extent, we\u0027re always going to have to trust the\nfirmware a bit. However, it\u0027s easy enough to add a check for negatives,\nand let\u0027s add a upper bounds check as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26927",
"url": "https://www.suse.com/security/cve/CVE-2024-26927"
},
{
"category": "external",
"summary": "SUSE Bug 1223525 for CVE-2024-26927",
"url": "https://bugzilla.suse.com/1223525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26927"
},
{
"cve": "CVE-2024-26933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in port \"disable\" sysfs attribute\n\nThe show and store callback routines for the \"disable\" sysfs attribute\nfile in port.c acquire the device lock for the port\u0027s parent hub\ndevice. This can cause problems if another process has locked the hub\nto remove it or change its configuration:\n\n\tRemoving the hub or changing its configuration requires the\n\thub interface to be removed, which requires the port device\n\tto be removed, and device_del() waits until all outstanding\n\tsysfs attribute callbacks for the ports have returned. The\n\tlock can\u0027t be released until then.\n\n\tBut the disable_show() or disable_store() routine can\u0027t return\n\tuntil after it has acquired the lock.\n\nThe resulting deadlock can be avoided by calling\nsysfs_break_active_protection(). This will cause the sysfs core not\nto wait for the attribute\u0027s callback routine to return, allowing the\nremoval to proceed. The disadvantage is that after making this call,\nthere is no guarantee that the hub structure won\u0027t be deallocated at\nany moment. To prevent this, we have to acquire a reference to it\nfirst by calling hub_get().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26933",
"url": "https://www.suse.com/security/cve/CVE-2024-26933"
},
{
"category": "external",
"summary": "SUSE Bug 1223670 for CVE-2024-26933",
"url": "https://bugzilla.suse.com/1223670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26933"
},
{
"cve": "CVE-2024-26939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/vma: Fix UAF on destroy against retire race\n\nObject debugging tools were sporadically reporting illegal attempts to\nfree a still active i915 VMA object when parking a GT believed to be idle.\n\n[161.359441] ODEBUG: free active (active state 0) object: ffff88811643b958 object type: i915_active hint: __i915_vma_active+0x0/0x50 [i915]\n[161.360082] WARNING: CPU: 5 PID: 276 at lib/debugobjects.c:514 debug_print_object+0x80/0xb0\n...\n[161.360304] CPU: 5 PID: 276 Comm: kworker/5:2 Not tainted 6.5.0-rc1-CI_DRM_13375-g003f860e5577+ #1\n[161.360314] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022\n[161.360322] Workqueue: i915-unordered __intel_wakeref_put_work [i915]\n[161.360592] RIP: 0010:debug_print_object+0x80/0xb0\n...\n[161.361347] debug_object_free+0xeb/0x110\n[161.361362] i915_active_fini+0x14/0x130 [i915]\n[161.361866] release_references+0xfe/0x1f0 [i915]\n[161.362543] i915_vma_parked+0x1db/0x380 [i915]\n[161.363129] __gt_park+0x121/0x230 [i915]\n[161.363515] ____intel_wakeref_put_last+0x1f/0x70 [i915]\n\nThat has been tracked down to be happening when another thread is\ndeactivating the VMA inside __active_retire() helper, after the VMA\u0027s\nactive counter has been already decremented to 0, but before deactivation\nof the VMA\u0027s object is reported to the object debugging tool.\n\nWe could prevent from that race by serializing i915_active_fini() with\n__active_retire() via ref-\u003etree_lock, but that wouldn\u0027t stop the VMA from\nbeing used, e.g. from __i915_vma_retire() called at the end of\n__active_retire(), after that VMA has been already freed by a concurrent\ni915_vma_destroy() on return from the i915_active_fini(). Then, we should\nrather fix the issue at the VMA level, not in i915_active.\n\nSince __i915_vma_parked() is called from __gt_park() on last put of the\nGT\u0027s wakeref, the issue could be addressed by holding the GT wakeref long\nenough for __active_retire() to complete before that wakeref is released\nand the GT parked.\n\nI believe the issue was introduced by commit d93939730347 (\"drm/i915:\nRemove the vma refcount\") which moved a call to i915_active_fini() from\na dropped i915_vma_release(), called on last put of the removed VMA kref,\nto i915_vma_parked() processing path called on last put of a GT wakeref.\nHowever, its visibility to the object debugging tool was suppressed by a\nbug in i915_active that was fixed two weeks later with commit e92eb246feb9\n(\"drm/i915/active: Fix missing debug object activation\").\n\nA VMA associated with a request doesn\u0027t acquire a GT wakeref by itself.\nInstead, it depends on a wakeref held directly by the request\u0027s active\nintel_context for a GT associated with its VM, and indirectly on that\nintel_context\u0027s engine wakeref if the engine belongs to the same GT as the\nVMA\u0027s VM. Those wakerefs are released asynchronously to VMA deactivation.\n\nFix the issue by getting a wakeref for the VMA\u0027s GT when activating it,\nand putting that wakeref only after the VMA is deactivated. However,\nexclude global GTT from that processing path, otherwise the GPU never goes\nidle. Since __i915_vma_retire() may be called from atomic contexts, use\nasync variant of wakeref put. Also, to avoid circular locking dependency,\ntake care of acquiring the wakeref before VM mutex when both are needed.\n\nv7: Add inline comments with justifications for:\n - using untracked variants of intel_gt_pm_get/put() (Nirmoy),\n - using async variant of _put(),\n - not getting the wakeref in case of a global GTT,\n - always getting the first wakeref outside vm-\u003emutex.\nv6: Since __i915_vma_active/retire() callbacks are not serialized, storing\n a wakeref tracking handle inside struct i915_vma is not safe, and\n there is no other good place for that. Use untracked variants of\n intel_gt_pm_get/put_async().\nv5: Replace \"tile\" with \"GT\" across commit description (Rodrigo),\n - \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26939",
"url": "https://www.suse.com/security/cve/CVE-2024-26939"
},
{
"category": "external",
"summary": "SUSE Bug 1223679 for CVE-2024-26939",
"url": "https://bugzilla.suse.com/1223679"
},
{
"category": "external",
"summary": "SUSE Bug 1223680 for CVE-2024-26939",
"url": "https://bugzilla.suse.com/1223680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-26939"
},
{
"cve": "CVE-2024-26948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26948",
"url": "https://www.suse.com/security/cve/CVE-2024-26948"
},
{
"category": "external",
"summary": "SUSE Bug 1223664 for CVE-2024-26948",
"url": "https://bugzilla.suse.com/1223664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer-\u003edevice being\ndereferenced. It\u0027s actually easier and faster performance-wise to\ninstead get the device from ctx-\u003ewg. This semantically makes more sense\ntoo, since ctx-\u003ewg-\u003epeer_allowedips.seq is compared with\nctx-\u003eallowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26950",
"url": "https://www.suse.com/security/cve/CVE-2024-26950"
},
{
"category": "external",
"summary": "SUSE Bug 1223661 for CVE-2024-26950",
"url": "https://bugzilla.suse.com/1223661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26950"
},
{
"cve": "CVE-2024-26951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: check for dangling peer via is_dead instead of empty list\n\nIf all peers are removed via wg_peer_remove_all(), rather than setting\npeer_list to empty, the peer is added to a temporary list with a head on\nthe stack of wg_peer_remove_all(). If a netlink dump is resumed and the\ncursored peer is one that has been removed via wg_peer_remove_all(), it\nwill iterate from that peer and then attempt to dump freed peers.\n\nFix this by instead checking peer-\u003eis_dead, which was explictly created\nfor this purpose. Also move up the device_update_lock lockdep assertion,\nsince reading is_dead relies on that.\n\nIt can be reproduced by a small script like:\n\n echo \"Setting config...\"\n ip link add dev wg0 type wireguard\n wg setconf wg0 /big-config\n (\n while true; do\n echo \"Showing config...\"\n wg showconf wg0 \u003e /dev/null\n done\n ) \u0026\n sleep 4\n wg setconf wg0 \u003c(printf \"[Peer]\\nPublicKey=$(wg genkey)\\n\")\n\nResulting in:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x182a/0x1b20\n Read of size 8 at addr ffff88811956ec70 by task wg/59\n CPU: 2 PID: 59 Comm: wg Not tainted 6.8.0-rc2-debug+ #5\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x70\n print_address_description.constprop.0+0x2c/0x380\n print_report+0xab/0x250\n kasan_report+0xba/0xf0\n __lock_acquire+0x182a/0x1b20\n lock_acquire+0x191/0x4b0\n down_read+0x80/0x440\n get_peer+0x140/0xcb0\n wg_get_device_dump+0x471/0x1130",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26951",
"url": "https://www.suse.com/security/cve/CVE-2024-26951"
},
{
"category": "external",
"summary": "SUSE Bug 1223660 for CVE-2024-26951",
"url": "https://bugzilla.suse.com/1223660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26951"
},
{
"cve": "CVE-2024-26955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: prevent kernel bug at submit_bh_wbc()\n\nFix a bug where nilfs_get_block() returns a successful status when\nsearching and inserting the specified block both fail inconsistently. If\nthis inconsistent behavior is not due to a previously fixed bug, then an\nunexpected race is occurring, so return a temporary error -EAGAIN instead.\n\nThis prevents callers such as __block_write_begin_int() from requesting a\nread into a buffer that is not mapped, which would cause the BUG_ON check\nfor the BH_Mapped flag in submit_bh_wbc() to fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26955",
"url": "https://www.suse.com/security/cve/CVE-2024-26955"
},
{
"category": "external",
"summary": "SUSE Bug 1223657 for CVE-2024-26955",
"url": "https://bugzilla.suse.com/1223657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26955"
},
{
"cve": "CVE-2024-26956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix failure to detect DAT corruption in btree and direct mappings\n\nPatch series \"nilfs2: fix kernel bug at submit_bh_wbc()\".\n\nThis resolves a kernel BUG reported by syzbot. Since there are two\nflaws involved, I\u0027ve made each one a separate patch.\n\nThe first patch alone resolves the syzbot-reported bug, but I think\nboth fixes should be sent to stable, so I\u0027ve tagged them as such.\n\n\nThis patch (of 2):\n\nSyzbot has reported a kernel bug in submit_bh_wbc() when writing file data\nto a nilfs2 file system whose metadata is corrupted.\n\nThere are two flaws involved in this issue.\n\nThe first flaw is that when nilfs_get_block() locates a data block using\nbtree or direct mapping, if the disk address translation routine\nnilfs_dat_translate() fails with internal code -ENOENT due to DAT metadata\ncorruption, it can be passed back to nilfs_get_block(). This causes\nnilfs_get_block() to misidentify an existing block as non-existent,\ncausing both data block lookup and insertion to fail inconsistently.\n\nThe second flaw is that nilfs_get_block() returns a successful status in\nthis inconsistent state. This causes the caller __block_write_begin_int()\nor others to request a read even though the buffer is not mapped,\nresulting in a BUG_ON check for the BH_Mapped flag in submit_bh_wbc()\nfailing.\n\nThis fixes the first issue by changing the return value to code -EINVAL\nwhen a conversion using DAT fails with code -ENOENT, avoiding the\nconflicting condition that leads to the kernel bug described above. Here,\ncode -EINVAL indicates that metadata corruption was detected during the\nblock lookup, which will be properly handled as a file system error and\nconverted to -EIO when passing through the nilfs2 bmap layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26956",
"url": "https://www.suse.com/security/cve/CVE-2024-26956"
},
{
"category": "external",
"summary": "SUSE Bug 1223663 for CVE-2024-26956",
"url": "https://bugzilla.suse.com/1223663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26956"
},
{
"cve": "CVE-2024-26960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix race between free_swap_and_cache() and swapoff()\n\nThere was previously a theoretical window where swapoff() could run and\nteardown a swap_info_struct while a call to free_swap_and_cache() was\nrunning in another thread. This could cause, amongst other bad\npossibilities, swap_page_trans_huge_swapped() (called by\nfree_swap_and_cache()) to access the freed memory for swap_map.\n\nThis is a theoretical problem and I haven\u0027t been able to provoke it from a\ntest case. But there has been agreement based on code review that this is\npossible (see link below).\n\nFix it by using get_swap_device()/put_swap_device(), which will stall\nswapoff(). There was an extra check in _swap_info_get() to confirm that\nthe swap entry was not free. This isn\u0027t present in get_swap_device()\nbecause it doesn\u0027t make sense in general due to the race between getting\nthe reference and swapoff. So I\u0027ve added an equivalent check directly in\nfree_swap_and_cache().\n\nDetails of how to provoke one possible issue (thanks to David Hildenbrand\nfor deriving this):\n\n--8\u003c-----\n\n__swap_entry_free() might be the last user and result in\n\"count == SWAP_HAS_CACHE\".\n\nswapoff-\u003etry_to_unuse() will stop as soon as soon as si-\u003einuse_pages==0.\n\nSo the question is: could someone reclaim the folio and turn\nsi-\u003einuse_pages==0, before we completed swap_page_trans_huge_swapped().\n\nImagine the following: 2 MiB folio in the swapcache. Only 2 subpages are\nstill references by swap entries.\n\nProcess 1 still references subpage 0 via swap entry.\nProcess 2 still references subpage 1 via swap entry.\n\nProcess 1 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n[then, preempted in the hypervisor etc.]\n\nProcess 2 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n\nProcess 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls\n__try_to_reclaim_swap().\n\n__try_to_reclaim_swap()-\u003efolio_free_swap()-\u003edelete_from_swap_cache()-\u003e\nput_swap_folio()-\u003efree_swap_slot()-\u003eswapcache_free_entries()-\u003e\nswap_entry_free()-\u003eswap_range_free()-\u003e\n...\nWRITE_ONCE(si-\u003einuse_pages, si-\u003einuse_pages - nr_entries);\n\nWhat stops swapoff to succeed after process 2 reclaimed the swap cache\nbut before process1 finished its call to swap_page_trans_huge_swapped()?\n\n--8\u003c-----",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26960",
"url": "https://www.suse.com/security/cve/CVE-2024-26960"
},
{
"category": "external",
"summary": "SUSE Bug 1223655 for CVE-2024-26960",
"url": "https://bugzilla.suse.com/1223655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26960"
},
{
"cve": "CVE-2024-26965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: mmcc-msm8974: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26965",
"url": "https://www.suse.com/security/cve/CVE-2024-26965"
},
{
"category": "external",
"summary": "SUSE Bug 1223648 for CVE-2024-26965",
"url": "https://bugzilla.suse.com/1223648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26965"
},
{
"cve": "CVE-2024-26966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: mmcc-apq8084: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26966",
"url": "https://www.suse.com/security/cve/CVE-2024-26966"
},
{
"category": "external",
"summary": "SUSE Bug 1223646 for CVE-2024-26966",
"url": "https://bugzilla.suse.com/1223646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26966"
},
{
"cve": "CVE-2024-26969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq8074: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26969",
"url": "https://www.suse.com/security/cve/CVE-2024-26969"
},
{
"category": "external",
"summary": "SUSE Bug 1223645 for CVE-2024-26969",
"url": "https://bugzilla.suse.com/1223645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26969"
},
{
"cve": "CVE-2024-26970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq6018: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26970",
"url": "https://www.suse.com/security/cve/CVE-2024-26970"
},
{
"category": "external",
"summary": "SUSE Bug 1223644 for CVE-2024-26970",
"url": "https://bugzilla.suse.com/1223644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26970"
},
{
"cve": "CVE-2024-26972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26972"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26972",
"url": "https://www.suse.com/security/cve/CVE-2024-26972"
},
{
"category": "external",
"summary": "SUSE Bug 1223643 for CVE-2024-26972",
"url": "https://bugzilla.suse.com/1223643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26972"
},
{
"cve": "CVE-2024-26979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26979"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26979",
"url": "https://www.suse.com/security/cve/CVE-2024-26979"
},
{
"category": "external",
"summary": "SUSE Bug 1223628 for CVE-2024-26979",
"url": "https://bugzilla.suse.com/1223628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26979"
},
{
"cve": "CVE-2024-26981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix OOB in nilfs_set_de_type\n\nThe size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is\ndefined as \"S_IFMT \u003e\u003e S_SHIFT\", but the nilfs_set_de_type() function,\nwhich uses this array, specifies the index to read from the array in the\nsame way as \"(mode \u0026 S_IFMT) \u003e\u003e S_SHIFT\".\n\nstatic void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode\n *inode)\n{\n\tumode_t mode = inode-\u003ei_mode;\n\n\tde-\u003efile_type = nilfs_type_by_mode[(mode \u0026 S_IFMT)\u003e\u003eS_SHIFT]; // oob\n}\n\nHowever, when the index is determined this way, an out-of-bounds (OOB)\nerror occurs by referring to an index that is 1 larger than the array size\nwhen the condition \"mode \u0026 S_IFMT == S_IFMT\" is satisfied. Therefore, a\npatch to resize the nilfs_type_by_mode array should be applied to prevent\nOOB errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26981",
"url": "https://www.suse.com/security/cve/CVE-2024-26981"
},
{
"category": "external",
"summary": "SUSE Bug 1223668 for CVE-2024-26981",
"url": "https://bugzilla.suse.com/1223668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26981"
},
{
"cve": "CVE-2024-26982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check the inode number is not the invalid value of zero\n\nSyskiller has produced an out of bounds access in fill_meta_index().\n\nThat out of bounds access is ultimately caused because the inode\nhas an inode number with the invalid value of zero, which was not checked.\n\nThe reason this causes the out of bounds access is due to following\nsequence of events:\n\n1. Fill_meta_index() is called to allocate (via empty_meta_index())\n and fill a metadata index. It however suffers a data read error\n and aborts, invalidating the newly returned empty metadata index.\n It does this by setting the inode number of the index to zero,\n which means unused (zero is not a valid inode number).\n\n2. When fill_meta_index() is subsequently called again on another\n read operation, locate_meta_index() returns the previous index\n because it matches the inode number of 0. Because this index\n has been returned it is expected to have been filled, and because\n it hasn\u0027t been, an out of bounds access is performed.\n\nThis patch adds a sanity check which checks that the inode number\nis not zero when the inode is created and returns -EINVAL if it is.\n\n[phillip@squashfs.org.uk: whitespace fix]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26982",
"url": "https://www.suse.com/security/cve/CVE-2024-26982"
},
{
"category": "external",
"summary": "SUSE Bug 1223634 for CVE-2024-26982",
"url": "https://bugzilla.suse.com/1223634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26982"
},
{
"cve": "CVE-2024-26993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26993",
"url": "https://www.suse.com/security/cve/CVE-2024-26993"
},
{
"category": "external",
"summary": "SUSE Bug 1223693 for CVE-2024-26993",
"url": "https://bugzilla.suse.com/1223693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-27013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27013",
"url": "https://www.suse.com/security/cve/CVE-2024-27013"
},
{
"category": "external",
"summary": "SUSE Bug 1223745 for CVE-2024-27013",
"url": "https://bugzilla.suse.com/1223745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27014",
"url": "https://www.suse.com/security/cve/CVE-2024-27014"
},
{
"category": "external",
"summary": "SUSE Bug 1223735 for CVE-2024-27014",
"url": "https://bugzilla.suse.com/1223735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27030",
"url": "https://www.suse.com/security/cve/CVE-2024-27030"
},
{
"category": "external",
"summary": "SUSE Bug 1223790 for CVE-2024-27030",
"url": "https://bugzilla.suse.com/1223790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27030"
},
{
"cve": "CVE-2024-27038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Fix clk_core_get NULL dereference\n\nIt is possible for clk_core_get to dereference a NULL in the following\nsequence:\n\nclk_core_get()\n of_clk_get_hw_from_clkspec()\n __of_clk_get_hw_from_provider()\n __clk_get_hw()\n\n__clk_get_hw() can return NULL which is dereferenced by clk_core_get() at\nhw-\u003ecore.\n\nPrior to commit dde4eff47c82 (\"clk: Look for parents with clkdev based\nclk_lookups\") the check IS_ERR_OR_NULL() was performed which would have\ncaught the NULL.\n\nReading the description of this function it talks about returning NULL but\nthat cannot be so at the moment.\n\nUpdate the function to check for hw before dereferencing it and return NULL\nif hw is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27038",
"url": "https://www.suse.com/security/cve/CVE-2024-27038"
},
{
"category": "external",
"summary": "SUSE Bug 1223816 for CVE-2024-27038",
"url": "https://bugzilla.suse.com/1223816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27038"
},
{
"cve": "CVE-2024-27039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27039"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: hisilicon: hi3559a: Fix an erroneous devm_kfree()\n\n\u0027p_clk\u0027 is an array allocated just before the for loop for all clk that\nneed to be registered.\nIt is incremented at each loop iteration.\n\nIf a clk_register() call fails, \u0027p_clk\u0027 may point to something different\nfrom what should be freed.\n\nThe best we can do, is to avoid this wrong release of memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27039",
"url": "https://www.suse.com/security/cve/CVE-2024-27039"
},
{
"category": "external",
"summary": "SUSE Bug 1223821 for CVE-2024-27039",
"url": "https://bugzilla.suse.com/1223821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27039"
},
{
"cve": "CVE-2024-27041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27041"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix NULL checks for adev-\u003edm.dc in amdgpu_dm_fini()\n\nSince \u0027adev-\u003edm.dc\u0027 in amdgpu_dm_fini() might turn out to be NULL\nbefore the call to dc_enable_dmub_notifications(), check\nbeforehand to ensure there will not be a possible NULL-ptr-deref\nthere.\n\nAlso, since commit 1e88eb1b2c25 (\"drm/amd/display: Drop\nCONFIG_DRM_AMD_DC_HDCP\") there are two separate checks for NULL in\n\u0027adev-\u003edm.dc\u0027 before dc_deinit_callbacks() and dc_dmub_srv_destroy().\nClean up by combining them all under one \u0027if\u0027.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27041",
"url": "https://www.suse.com/security/cve/CVE-2024-27041"
},
{
"category": "external",
"summary": "SUSE Bug 1223714 for CVE-2024-27041",
"url": "https://bugzilla.suse.com/1223714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27041"
},
{
"cve": "CVE-2024-27042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27042"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential out-of-bounds access in \u0027amdgpu_discovery_reg_base_init()\u0027\n\nThe issue arises when the array \u0027adev-\u003evcn.vcn_config\u0027 is accessed\nbefore checking if the index \u0027adev-\u003evcn.num_vcn_inst\u0027 is within the\nbounds of the array.\n\nThe fix involves moving the bounds check before the array access. This\nensures that \u0027adev-\u003evcn.num_vcn_inst\u0027 is within the bounds of the array\nbefore it is used as an index.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset \u0027adev-\u003evcn.num_vcn_inst\u0027 after use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27042",
"url": "https://www.suse.com/security/cve/CVE-2024-27042"
},
{
"category": "external",
"summary": "SUSE Bug 1223823 for CVE-2024-27042",
"url": "https://bugzilla.suse.com/1223823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27042"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27046",
"url": "https://www.suse.com/security/cve/CVE-2024-27046"
},
{
"category": "external",
"summary": "SUSE Bug 1223827 for CVE-2024-27046",
"url": "https://bugzilla.suse.com/1223827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: ensure offloading TID queue exists\n\nThe resume code path assumes that the TX queue for the offloading TID\nhas been configured. At resume time it then tries to sync the write\npointer as it may have been updated by the firmware.\n\nIn the unusual event that no packets have been send on TID 0, the queue\nwill not have been allocated and this causes a crash. Fix this by\nensuring the queue exist at suspend time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27056",
"url": "https://www.suse.com/security/cve/CVE-2024-27056"
},
{
"category": "external",
"summary": "SUSE Bug 1223822 for CVE-2024-27056",
"url": "https://bugzilla.suse.com/1223822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27056"
},
{
"cve": "CVE-2024-27059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27059",
"url": "https://www.suse.com/security/cve/CVE-2024-27059"
},
{
"category": "external",
"summary": "SUSE Bug 1223738 for CVE-2024-27059",
"url": "https://bugzilla.suse.com/1223738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27062",
"url": "https://www.suse.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "SUSE Bug 1223834 for CVE-2024-27062",
"url": "https://bugzilla.suse.com/1223834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore: inode: Only d_invalidate() is needed\n\nUnloading a modular pstore backend with records in pstorefs would\ntrigger the dput() double-drop warning:\n\n WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410\n\nUsing the combo of d_drop()/dput() (as mentioned in\nDocumentation/filesystems/vfs.rst) isn\u0027t the right approach here, and\nleads to the reference counting problem seen above. Use d_invalidate()\nand update the code to not bother checking for error codes that can\nnever happen.\n\n---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27389",
"url": "https://www.suse.com/security/cve/CVE-2024-27389"
},
{
"category": "external",
"summary": "SUSE Bug 1223705 for CVE-2024-27389",
"url": "https://bugzilla.suse.com/1223705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:cluster-md-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:dlm-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:gfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-extra-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-livepatch-devel-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-azure-optional-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-azure-vdso-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kernel-devel-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-source-azure-5.14.21-150500.33.51.1.noarch",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kernel-syms-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:kselftests-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:ocfs2-kmp-azure-5.14.21-150500.33.51.1.x86_64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.aarch64",
"openSUSE Leap 15.5:reiserfs-kmp-azure-5.14.21-150500.33.51.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-05-14T14:29:53Z",
"details": "moderate"
}
],
"title": "CVE-2024-27389"
}
]
}
suse-su-2024:1659-1
Vulnerability from csaf_suse
Published
2024-05-15 09:29
Modified
2024-05-15 09:29
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596).
- CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714).
- CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
- CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
- CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
- CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
- CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
- CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
- CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
- CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
- CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
- CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
- CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724).
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449).
- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536).
- CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549).
- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
- CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431).
- CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427).
- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266).
- CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051).
- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
- CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
- CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
- CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080).
- CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).
- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
- CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
- CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).
- CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499).
- CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475).
- CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
- CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
- CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
The following non-security bugs were fixed:
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- NFS: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
- PCI/AER: Block runtime suspend when handling errors (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes).
- PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes).
- PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes).
- Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
- Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
- Revert 'ice: Fix ice VF reset during iavf initialization (jsc#PED-376).' (bsc#1223275)
- Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
- Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes).
- bcache: Remove dead references to cache_readaheads (git-fixes).
- bcache: Remove unnecessary NULL point check in node allocations (git-fixes).
- bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes).
- bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes).
- bcache: avoid oversize memory allocation by small stripe_size (git-fixes).
- bcache: bset: Fix comment typos (git-fixes).
- bcache: check return value from btree_node_alloc_replacement() (git-fixes).
- bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes).
- bcache: fix error info in register_bcache() (git-fixes).
- bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes).
- bcache: fixup btree_cache_wait list damage (git-fixes).
- bcache: fixup init dirty data errors (git-fixes).
- bcache: fixup lock c->root error (git-fixes).
- bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-fixes).
- bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes).
- bcache: move uapi header bcache.h to bcache code directory (git-fixes).
- bcache: prevent potential division by zero error (git-fixes).
- bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes).
- bcache: remove redundant assignment to variable cur_idx (git-fixes).
- bcache: remove the backing_dev_name field from struct cached_dev (git-fixes).
- bcache: remove the cache_dev_name field from struct cache (git-fixes).
- bcache: remove unnecessary flush_workqueue (git-fixes).
- bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-fixes).
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes).
- bcache: replace snprintf in show functions with sysfs_emit (git-fixes).
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
- bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
- bcache: use bvec_kmap_local in bio_csum (git-fixes).
- bcache: use default_groups in kobj_type (git-fixes).
- bcache:: fix repeated words in comments (git-fixes).
- ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
- ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: Mark 'all_lists' as const (stable-fixes).
- clk: Print an info line before disabling unused clocks (stable-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: remove extra empty line (stable-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes).
- dm cache: add cond_resched() to various workqueue loops (git-fixes).
- dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-fixes).
- dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
- dm crypt: avoid accessing uninitialized tasklet (git-fixes).
- dm flakey: do not corrupt the zero page (git-fixes).
- dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
- dm flakey: fix a crash with invalid table line (git-fixes).
- dm flakey: fix logic when corrupting a bio (git-fixes).
- dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes).
- dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-fixes).
- dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes).
- dm raid: fix false positive for requeue needed during reshape (git-fixes).
- dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-fixes).
- dm stats: check for and propagate alloc_percpu failure (git-fixes).
- dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-fixes).
- dm thin metadata: check fail_io before using data_sm (git-fixes).
- dm thin: add cond_resched() to various workqueue loops (git-fixes).
- dm thin: fix deadlock when swapping to thin device (bsc#1177529).
- dm verity: do not perform FEC for failed readahead IO (git-fixes).
- dm verity: fix error handling for check_at_most_once on FEC (git-fixes).
- dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes).
- dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes).
- dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes).
- dm-raid: fix lockdep waring in 'pers->hot_add_disk' (git-fixes).
- dm-verity, dm-crypt: align 'struct bvec_iter' correctly (git-fixes).
- dm-verity: align struct dm_verity_fec_io properly (git-fixes).
- dm: add cond_resched() to dm_wq_work() (git-fixes).
- dm: call the resume method on internal suspend (git-fixes).
- dm: do not lock fs when the map is NULL during suspend or resume (git-fixes).
- dm: do not lock fs when the map is NULL in process of resume (git-fixes).
- dm: remove flush_scheduled_work() during local_exit() (git-fixes).
- dm: send just one event on resize, not two (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- docs: Document the FAN_FS_ERROR event (stable-fixes).
- drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-fixes).
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- fix build warning
- fuse: do not unhash root (bsc#1223951).
- fuse: fix root lookup with nonzero generation (bsc#1223950).
- hwmon: (amc6821) add of_match table (stable-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes).
- iommu/amd: Fix 'Guest Virtual APIC Table Root Pointer' configuration in IRTE (git-fixes).
- iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
- iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes).
- iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
- iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes).
- iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes).
- iommu/iova: Fix alloc iova overflows issue (git-fixes).
- iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes).
- iommu/rockchip: Fix unwind goto issue (git-fixes).
- iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes).
- iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes).
- iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
- ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- kprobes: Fix double free of kretprobe_holder (bsc#1220901).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes).
- libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- md/raid1: fix choose next idle in read_balance() (git-fixes).
- md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- nd_btt: Make BTT lanes preemptible (git-fixes).
- net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).
- net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
- net: fix skb leak in __skb_tstamp_tx() (git-fixes).
- net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).
- net: mld: fix reference count leak in mld_{query | report}_work() (git-fixes).
- net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: vlan: fix underflow for the real_dev refcnt (git-fixes).
- netfilter: br_netfilter: Drop dst references before setting (git-fixes).
- netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-fixes).
- nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).
- nvdimm: Fix badblocks clear off-by-one error (git-fixes).
- nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes).
- nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
- nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-fixes).
- pci_iounmap(): Fix MMIO mapping leak (git-fixes).
- phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191).
- powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900).
- powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888).
- powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- powerpc: Refactor verification of MSR_RI (bsc#1223191).
- printk: Add this_cpu_in_panic() (bsc#1223574).
- printk: Adjust mapping for 32bit seq macros (bsc#1223574).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
- printk: Disable passing console lock owner completely during panic() (bsc#1223574).
- printk: Drop console_sem during panic (bsc#1223574).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).
- printk: Wait for all reserved records with pr_flush() (bsc#1223574).
- printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
- printk: ringbuffer: Clarify special lpos values (bsc#1223574).
- printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574).
- printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
- s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
- s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: core: Provide port lock wrappers (stable-fixes).
- serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing: Show size of requested perf buffer (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes).
- x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: add CPU dependencies for 32-bit build (git-fixes).
- x86/xen: fix percpu vcpu_info allocation (git-fixes).
- xen-netback: properly sync TX responses (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-fixes).
- xen/xenbus: document will_handle argument for xenbus_watch_path() (git-fixes).
- xfrm6: fix inet6_dev refcount underflow problem (git-fixes).
Patchnames
SUSE-2024-1659,SUSE-SLE-Micro-5.5-2024-1659,SUSE-SLE-Module-Basesystem-15-SP5-2024-1659,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1659,SUSE-SLE-Module-Legacy-15-SP5-2024-1659,SUSE-SLE-Module-Live-Patching-15-SP5-2024-1659,SUSE-SLE-Product-HA-15-SP5-2024-1659,SUSE-SLE-Product-WE-15-SP5-2024-1659,openSUSE-SLE-15.5-2024-1659
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).